Follow Slashdot stories on Twitter

 



Forgot your password?
typodupeerror
Desktops (Apple) Security Windows Apple

Backdoor Trojan For Windows Ported To Mac OS 263

Posted by CmdrTaco
from the run-for-cover dept.
An anonymous reader writes "A Remote Access Trojan (RAT) for Windows, known as darkComet, has been ported to Mac OS X. The new backdoor Trojan is not yet finished, but it could be indicative of more underground programmers attempting to take advantage of Apple's growing market share."
This discussion has been archived. No new comments can be posted.

Backdoor Trojan For Windows Ported To Mac OS

Comments Filter:
  • by intellitech (1912116) * on Monday February 28, 2011 @11:49AM (#35338992)

    darkComet (aka darkComet-RAT) [darkcomet-rat.com] is the name of a remote administration tool, which BlackHoleRAT's control functionality is derived from. The trojan is actually called BlackHoleRAT, but regardless, here's an article link [tgdaily.com].

    And, while I'm going, the distortion of the term "trojan" is starting to test my patience. A trojan horse [wikipedia.org] is a piece of software that is deceptive in nature, one which appears to perform a desirable function, but, in fact, steals information or harms the system its occupying. This application, darkComet-RAT, is referred to as a trojan itself all over the web in news articles relating to this beta of "BlackHoleRAT," which is NOT the case. darkComet-RAT is a legit remote administration tool, similiar in functionality to VNC, and should be treated as such.

    I understand this butchering of the acronym "RAT," between its use as "Remote Administration Tool" and "Remote Access Trojan" may be confusing, as with all acronyms that use the same letters, but please, for the love of god, do some damn fact checking, and this would be less likely to happen.

    Grumble grumble grumble.

    • by hax4bux (209237) on Monday February 28, 2011 @11:57AM (#35339066)

      Looks like someone has a case of the Mondays

    • Re: (Score:2, Flamebait)

      by zill (1690130)
      darkComet? RAT?

      At least they didn't name it NigerianPrince.

      And here I thought GIMP was the only FOSS project with a name problem.
    • Re: (Score:2, Informative)

      by Anonymous Coward

      Well, darkcomet isn't technically a trojan anymore than CoDC's Back Orifice is, but both are designed to be installed by subverting OS security restrictions and run stealthily. And while both have legitimate remote administration functions, they also have some not-so-legitimate ones well (i.e keyloggers). Let's face it, darkcomet and its ilk are designed to be used by black hat (wannabes). I doubt you would ever find them installed by any responsible IT dept for RA of business desktops.

      It may not be a troja

  • Or... (Score:2, Insightful)

    ...it could be Sophos trying to drum up trade...
  • Am I insane? (Score:5, Insightful)

    by Scorch_Mechanic (1879132) on Monday February 28, 2011 @11:55AM (#35339042) Journal
    Normally, I'd read The Fine Article just to get a hint of what this story means, but there isn't any links and the summary is vapid and useless. It is a non-story. Allow me to distill its meaning: "A piece of malware (a remote access backdoor ill-defined thingy that probably isn't a trojan) for windows was ported to mac. This is probably bad. Considering Apple's 'growing market share', what could it mean?"

    Bravo slashdot. A new low.
    • I read it as a remote access tool that installs as a trojan.

      In other words, it relies on social engineering to get the user to run it in the first place, but after being installed it gives control of the system to an attacker.

      • And the point he was making:

        Really? A remote access tool, once installed, allows...wait for it...remote access!

        Shouldn't be on Slashdot.

  • Slow day, cmdrtaco??

  • by michelcolman (1208008) on Monday February 28, 2011 @12:10PM (#35339198)
    MacOS X actually comes bundled with a tool that is able to wipe the entire hard disk! Up till now this has not caused widespread mayhem yet, but considering Apple's growing market share...
  • From the program's website:

    This software allow you to make hundreds of functions stealthly and remotely without any kind of autorisation in the remote process.

    Real administrators have had this functionality for years, it's called "ssh" with public key authentication. (There's absolutely no legitimate use for remote access with zero authentication.)

    DarkComet is design with the latest IDE of Delphi

    No one uses Delphi for writing serious software.

    Works in chinese systems : The client is coded in a full natif Unicode environement then it can easily use and traduce in China, also since version 2.1 it works in all kind of Chinese operating system and display the correct Unicode characters.

    Congratulations, welcome to the 21st century! Unicode has been supported by pretty much all mainstream operating systems for years. The fact that they have to mention it is indicative of poor software quality. Oh yeah, and the UI looks like it w

    • Upon looking at it a second time, it seems that the UI comments only really apply to the Mac version. The screenshots of the Windows version don't look too horribly designed, but whatever.
  • by Comboman (895500) on Monday February 28, 2011 @12:29PM (#35339422)

    The new backdoor Trojan is not yet finished

    What the hell, even malmare is vaporware now? Can I put in a pre-order for it to infect my computer sometime next year?

  • by vlm (69642) on Monday February 28, 2011 @01:04PM (#35339796)

    What matters to me, is does it run on Linux under WINE?

  • Holy Shmoly, I just discovered my Mac has a trojan as well. Not sure if people are aware of this thing, it's called FTP. Not sure what it stands for, but it allows people to log into my computer and if they have the correct permissions, they can read, write and execute files!!!! Oh the humanity...

  • This isn't about market share because OSXs market share hasn't significantly increased over the past several years. It's about 5% world wide and 9% in North America...right where it has been for a while now.

"It's what you learn after you know it all that counts." -- John Wooden

Working...