New Mac malware OSX/Crisis discovered
Published July 24th, 2012 at 4:56 PM EDT, modified July 27th, 2012 at 6:48 AM EDT
Intego reported the discovery of new malware today, which they have named OSX/Crisis. This malware is evidently a trojan that installs a backdoor (called Backdoor:OSX/Crisis by Intego). It can apparently install this backdoor without an admin password; simply running the trojan is sufficient. The backdoor, in turn, contacts a specific IP address every 5 minutes looking for instructions.
Unfortunately, that’s about the extent of what is known about this malware. It’s unclear exactly what the malware will do, how it infects the user’s system or where it’s found. Intego’s report is somewhat confusing and information-poor, likely because they have not actually seen this malware in the wild and have not yet completed their analysis. I’m sure more information will be forthcoming, if not from Intego, then from other security companies.