This persistent shell access allows hackers to run remotely-issued commands on the infected system, some of which have been identified as clear-text Perl scripts.
#How to get rid of trojan backdoor virus on a mac mac os x#
Because the infected computer initiates the bi-lateral connection and not the remote server, Pintsized is able to bypass inbound-only firewalls, like the in-built Mac OS X firewall and the firewalls/NAT provided by most routers. Once Pintsized is in, it phones home to hackers via an encrypted OpenSSH connection. Under normal circumstances, users who disable Gatekeeper would be afforded no protection against these types of attacks. Although Gatekeeper is enabled by default, it's worth noting it can also be disabled. It appears Pintsized has the capability to defeat this security mechanism, although exactly how it does so remains unknown. Security firm Intego appears to be the first to report on this malware and has named the backdoor virus "Pintsized".Īs of 10.7 (Lion), Mac OS X employs an anti-malware feature named "Gatekeeper" which helps deflect the "installation" of malware by utilizing what is essentially a digital signature system.
A new trojan virus is targeting computers running Mac OS X and initiating an encrypted reverse-shell connection, allowing attackers potentially unfettered access to infected machines armed with basic, inbound-only firewalls.
0 kommentar(er)
