[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: EasyDoc Eleanor Malware Onion Bots




On July 13, 2016 6:46:20 AM EDT, Zenaan Harkness <zen@freedbms.net> wrote:
>On Wed, Jul 13, 2016 at 06:33:19AM -0400, John Newman wrote:
>> 
>> > On Jul 6, 2016, at 2:52 PM, grarpamp <grarpamp@gmail.com> wrote:
>> > 
>> >
>http://www.theregister.co.uk/2016/07/05/easydoc_malware_adds_tor_backdoor_to_mac_systems_for_botnet_control/
>> >
>http://appleinsider.com/articles/16/07/06/new-mac-malware-can-remotely-access-facetime-camera-but-macos-gatekeeper-users-are-protected
>> > 
>> > Security firm Bitdefender has issued an alert about a malicious app
>> > that hands over control of Macs to criminals via Tor. The software,
>> > called EasyDoc Converter.app, is supposed to be a file converter
>but
>> > doesn't do its advertised functions. Instead it drops complex
>malware
>> > onto the system that subverts the security of the system, allowing
>it
>> > to be used as part of a botnet or to spy on the owner. "This type
>of
>> > malware is particularly dangerous as it's hard to detect and offers
>> > the attacker full control of the compromised system," said Tiberius
>> > Axinte, Technical Leader, Bitdefender Antimalware Lab. "For
>instance,
>> > someone can lock you out of your laptop, threaten to blackmail you
>to
>> > restore your private files or transform your laptop into a botnet
>to
>> > attack other devices. The possibilities are endless." The malware,
>> > dubbed Backdoor.MAC.Eleanor, sets up a hidden Tor service and
>> > PHP-capable web server on the infected computer, generating a
>.onion
>> > domain that the attacker can use to connect to the Mac and control
>it.
>> > Once installed, the malware grants full access to the file system
>and
>> > can run scripts given to it by its masters.A report on AppleInsider
>> > says that malware can also control the FaceTime camera on a
>victim's
>> > computer. But thankfully, Apple's Gatekeeper security prevents the
>> > unsigned app from being installed.
>> 
>> This is why I install only a limited number of apps from (hopefully
>non subverted) known good sources on hackintosh & MacBook.  Some UNIX
>stuff from homebrew, transmission, chrome, iterm and a couple others..
>of course even this isn't anywhere near perfect
>> 
>> "Easydoc converter.app" name fucking sounds fishy (and worthless)...
>> 
>> More and more malware finally starting to target osx (err macOS, or
>whatever it's called these days)..
>
>Just as well your operating system, drivers and desktop software are
>all
>open source too - you'd be at the mercy of a corporation's walled
>garden
>otherwise.

Aye true enough. I use Linux and freebsd as other primary OSs but am for instance using the nvidia supplied x11 driver, which has a binary blob in it... Performs so much better than nouveau though!!

Otherwise it's all free - xfce, Firefox and chromium... 

I still remember when Linux journal advertised commercial X11 for Linux that came with motif & cde... heh, I was still a bright eyed kid 

John

-- 
Sent from my Android device with K-9 Mail. Please excuse my brevity.