July 25, 2012
Russian anti-virus company Doctor Web is warning users about a dangerous cross-platform Trojan horse that provides criminals with full control over infected machines and can render a system non-operational. The malicious application, dubbed BackDoor.DaVinci.1, runs both in Windows and Mac OS X. Notably, the version for Mac OS X for the first time features rootkit technologies to hide the Trojan's processes and files.
BackDoor.DaVinci.1 is developed and sold by HackingTeam which has been in business since 2003. This malicious program is a multi-component backdoor that includes a large number of functional modules, such as drivers that use rootkit technologies, to hide the application in an operating system.
BackDoor.DaVinci.1 is spread as the AdobeFlashPlayer.jar file, signed using an invalid digital certificate. On July 23 a user sent this signed applet to Doctor Web for analysis.
HackingTeam criminals call their brainchild a 21st-century weapon and sell BackDoor.DaVinci.1 as a remote control and espionage solution. The Trojan poses a serious threat to users, because it not only intercepts any information on the infected computer but also gives criminals full control over a compromised system, so that they can render it non-operational, for example, by damaging or removing its components.
Despite BackDoor.DaVinci.1 developers' claims that this malicious application can withstand any modern anti-virus program, Dr.Web for Windows and Dr.Web for Mac OS X detect and successfully remove BackDoor.DaVinci.1; therefore, Dr.Web users are well protected against this threat.
View the article
Cross-platform Trojan controls Windows and Mac machines
Нет ответов в данной теме
Читают тему: 0
0 пользователей, 0 гостей, 0 скрытых