Mac OS X backdoor Trojan, now in beta? Presenter: 劉旭哲

Presentation transcript:

Mac OS X backdoor Trojan, now in beta? Presenter: 劉旭哲

Introduction
– It targets users of Mac OS X.
– As even the malware itself admits, it is not yet finished.
– It could be indicative of more underground programmers taking note of Apple's increasing market share.

Introduction
Not the first backdoor Trojan for OS X.
– HellRaiser (OSX/HellRTS) by McAfee
– This Trojan was detected earlier in
BlackHole RAT has the classic client-server architecture.
The server (the Trojan itself) works only on Intel-based OS X machines, while the client also works on Microsoft Windows.

How It Works
– Infects computers (victims) through downloads over the Web or a vulnerability in your browser, plugins, and other applications.
– The server will also open ports such as 10005, 10004, 10001, 10000, 9999, 7781, 7782, 7780, and
– The attacker can use the client to connect to the victim's machine on port 7777 and open port 7778 to accept incoming connections.

Method
Sophos calls it OSX/MusMinim-A, or 'MusMinim'.
Its functions include:
1. Placing text files on the desktop
2. Sending a restart, shutdown or sleep command
3. Running arbitrary shell commands
4. Placing a full screen window with a message that only allows you to click reboot
5. Sending URLs to the client to open a website
6. Popping up a fake "Administrator Password" window to phish the target

After connecting, the attacker clicks More

Pop-up on the victim's Mac: this window only allows entering the account name and password and then clicking OK.

Default text that is displayed in the full screen window with the reboot button: "I am a Trojan Horse, so i have infected your Mac Computer. I know, most people think Macs can't be infected, but look, you ARE Infected! I have full controll over your Computer and i can do everything I want, and you can do nothing to prevent it. So, Im a very new Virus, under Development, so there will be much more functions when im finished."

Demo video

Conclusion
BlackHole RAT Trojan seems to be copying the behavior of DarkComet
– The author denies this relationship
Easy to kill
– Check port
– Kill process
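
The "check port" step from the conclusion, as an added example that is not part of the original slides: it filters `lsof` listener output for the ports named on the "How It Works" slide. The function names, the sample rows and the process name `unknownapp` are constructed for illustration.

```shell
#!/bin/sh
# Added example: flag TCP listeners on the ports the slides attribute to BlackHole RAT.
# The port list on the slide is cut off, so only the ports that appear there are watched.
RAT_PORTS="10005 10004 10001 10000 9999 7781 7782 7780 7777 7778"

# Reads `lsof -nP -iTCP -sTCP:LISTEN` output on stdin.
# Prints "PID COMMAND PORT" for each listener bound to a watched port.
find_rat_listeners() {
    awk -v ports="$RAT_PORTS" '
        BEGIN { n = split(ports, p, " "); for (i = 1; i <= n; i++) watch[p[i]] = 1 }
        /\(LISTEN\)$/ {
            port = $(NF - 1)            # address field, e.g. *:7777 or [::1]:7778
            sub(/^.*:/, "", port)       # keep only the text after the last colon
            if (port in watch) print $2, $1, port
        }'
}

# Unique PIDs to inspect (ps -p PID -o pid,user,command) before any kill.
suspect_pids() {
    find_rat_listeners | awk '{ print $1 }' | sort -un
}

# Constructed sample in lsof's column layout; "unknownapp" is a made-up process name.
sample_lsof() {
    cat <<'EOF'
COMMAND     PID USER   FD   TYPE DEVICE SIZE/OFF NODE NAME
launchd       1 root   21u  IPv4 0x0a01      0t0  TCP *:22 (LISTEN)
cupsd        88 root    6u  IPv6 0x0a02      0t0  TCP [::1]:631 (LISTEN)
unknownapp  412 alice   5u  IPv4 0x0a03      0t0  TCP *:7777 (LISTEN)
unknownapp  412 alice   7u  IPv4 0x0a04      0t0  TCP *:7778 (LISTEN)
python3     530 alice   3u  IPv4 0x0a05      0t0  TCP 127.0.0.1:17777 (LISTEN)
EOF
}

# Offline demo on the sample; on a live Mac run:
#   sudo lsof -nP -iTCP -sTCP:LISTEN | find_rat_listeners
sample_lsof | find_rat_listeners
```

A match is a lead to investigate rather than a verdict, since ports such as 9999 and 10000 are also used by legitimate software; confirm the owning binary before killing the process.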