A new Trojan horse has been found targeting Mac users with the possible intention of hijacking systems and recruiting them to launch mass denial-of-service (DDoS) attacks.
The Trojan, identified by the Internet security firm Sophos as OSX/Tsunami-A, works by latching onto a host system and then receiving attack instructions from a remote Internet Relay Chat (IRC) channel. Sophos says the Tsunami Trojan is so named for its likely goal, to force infected computers into becoming part of a compromised network which then launches DDoS attacks, flooding websites with so much traffic they're unable to function properly.
In analyzing Tsunami's source code, Sophos found that the Trojan is capable of doing more than recruiting systems for DDoS attacks; it can also give hackers remote access to infected computers. Sophos said Tsunami appears to be derived from an old backdoor Trojan called Kaiten, which was built to infect computers running the Linux operating system. That an old Linux Trojan has been updated is a sign that Mac users are becoming increasingly attractive targets for computer criminals.
"Mac users are reminded that even though there is far less malware in existence for Mac OS X than for Windows, that doesn't mean the problem is nonexistent," Sophos' Graham Cluley wrote.
In fact, a host of Mac-specific pieces of malware has emerged in the past year, embedding themselves in everything from corrupt videos and legitimate-looking Google images to rigged Adobe Flash installers, and harvesting victims' personal information.
"We fully expect to see cybercriminals continuing to target poorly protected Mac computers in the future," Cluley wrote. "If the bad guys think they can make money out of infecting and compromising Macs, they will keep trying."
Whether you use a Mac or a PC, you can increase your defenses against dangerous malware and other threats by running up-to-date anti-virus software. For a list of the best anti-virus software programs, click here.