Mac OS X backdoor Trojan, now in beta?

It never ceases to amaze me how virus/malware/phishing authors blow holes in their efforts by failing to correctly reproduce simple sentences.<p>"Finder Requires You Administrator Password"<p>Really? You couldn't do a 30 second web search to find the correct phrase? On a different note, Vista/Win7's way of darkening the entire desktop when asking for an admin password, which is difficult if not impossible to emulate, is a very clever technique.

Posts like this annoy me. It only gives details about the symptoms of the virus and gives zero details of the infection vector. What does this virus exploit? How does it take control of the computer? Is it a root kit? Does it have a C&#38;C server associated with it allowing it to become a botnet?<p>It is especially frustrating because although I am not a Mac user I like to keep up to date on threats against the Mac platform since exploits on the Mac are easier to port to other *nixs. Does anyone have actual details on this trojan?

I honestly wonder if the security companies are making crap like this in an attempt to get OSX users into the virus-fear market. Trojans are incomprehensibly simple things to write, but whenever one comes up for a Mac security companies go absolutely nuts and try to sell you something to get rid of it.<p>Wake me when there's a worm with rights escalation that installs itself without my approval or notice. As long as you have to put in your password and run their application, I'm safe, and it's hardly a virus so much as mere malware. Everything you need for malware has been around forever, and is already on your system: rm -rf *<p>edit: ran it and experimented. The only interesting thing about this is the password pop-up window, which looks fake and has a non-functioning abort button (!). I'm guessing it somehow resists focus while looking like it's focused and handling input, because it always looks like it's coming from the application you last had active. <i>That</i> is clever and an attack vector, the rest of this is child's play.

"Fortunately our products can detect and remove Trojans like this, and for home use they're free! If you would like to install Sophos Anti-Virus for Mac Home Edition, click on the banner below."<p>Hmm.

It would make perfect sense for Sophos to develop software like this. As long as they don't get caught.

I found the original source of the malware release. If anyone wants to look at it, Googling for "Blackhole RAT" and visiting the result titled "Blackhole Rat Problem" will return the same result I found. You'll have to change your UserAgent string to GoogleBot or similar because it is a registered forum.

But, but just ask a MacOS fanboi, they don't suffer from trojans/malware! So this must be a mistake &#60;/sarcasm&#62;