New Tor-powered backdoor program targets Macs
Security researchers have found a new backdoor program that allows attackers to hijack Mac systems and control them over the Tor network.
The new malware has been dubbed Backdoor.MAC.Eleanor by researchers from antivirus vendor Bitdefender and is distributed as a file converter application through reputable websites that offer Mac software.
The rogue application is called EasyDoc Converter. Once installed it displays a fake interface where users can supposedly drag and drop files for conversion, but which in reality doesn’t do anything.
In the background, the application executes a shell script that installs multiple malicious components in a folder called “/Users/$USER/Library/.dropbox.” The Dropbox name is used to make the malware harder to spot and has nothing to do with the legitimate Dropbox file synchronization software.