Dangerous new Mac malware fully compromises OS X

Buster Hein

Apple’s Mac systems have been exposed to a dangerous new piece of malware that allows attackers to take full control of OS X.

The new malware, dubbed Backdoor.MAC.Eleanor by security researchers, provides attackers with a backdoor into OS X systems by embedding a script into a fake file converter application that’s found on many reputable sites that sell Mac apps.

“This type of malware is particularly dangerous as it’s hard to detect and offers the attacker full control of the compromised system,” says Tiberius Axinte, Technical Leader at Bitdefender Antimalware Lab. “For instance, someone can lock you out of your laptop, threaten to blackmail you to restore your private files or transform your laptop into a botnet to attack other devices. The possibilities are endless.”

Bitdefender researchers found the malware in the EasyDoc Converter app, which poses as a drag-and-drop file converter but actually has no functionality other than downloading the malicious script onto the machine.

Backdoor.MAC.Eleanor creates a unique Tor address on infected machines, allowing attackers to connect and access the complete file system, as well as capture images and videos through the web camera.

Because the app hasn’t been signed by Apple, security researchers recommend changing your Mac’s security setting to only allow apps downloaded from the Mac App Store and identified developers.