Mac OS X Trojan-Dropper:OSX/Revir.A and Backdoor:OSX/Imuler.A Pose as a PDF File

Computer users, especially Mac users, should be on the lookout for a dangerous Mac OS X Trojan going disguised as a PDF file that trick users into installing malware, which in return makes their system vulnerable to a remote attack.

Even though it is rare, Mac malware continues to be a burden among unfortunate Mac OS X users who run their systems without any type of anti-malware or anti-virus protection. In recent onslaughts of malware attacks on Macs, it has resulted in the installation of fake security applications much like what on a day-to-day basis for PCs. The latest threat against Macs utilizes a social engineering technique, one of the first we have seen affect a Mac system. This technique basically takes advantage of a trusted and recognizable file, a PDF file in this case, and launches a backdoor attack on the Mac computer.

The generic trojans Trojan-Dropper:OSX/Revir.A and Backdoor:OSX/Imuler.A, known for installing malware on an infected computer, are the culprit of the recent Mac PDF document exploitation. These are Trojan droppers that aide in the exploitation and redirection on Mac computers affected by the malicious PDF file. Basically, after the Trojan dropper-infection is installed from the loading of the malicious PDF file, it launches a backdoor infection possibly by connecting to a malicious source over the Internet. Backdoors carry a heavy payload in the sense that it could allow communication with a remote command-and-control server to be initiated. With such a remote connection, a hacker could infiltrate a system and have unadulterated access to files, personal data or stored passwords. In other words, this exploit could turn into a bad case of 'you no longer exist' or what we refer to as, Identity Theft.

Security researchers have made a discovery that the particular malware laden PDF file contains Chinese language. Commonly, we have seen cases where malware files are written in a language other than English, which sometimes is a concurrence of its creator's origin. It has yet to be revealed where the malicious PDF comes from.

The Mac OS X Trojan PDF file is currently a low risk threat because it does not exactly take advantage of a vulnerability nor does it actually contain a Trojan but rather installs one. Moreover, some security researchers believe that a properly configured Mac computer would be able to mitigate the backdoor installer that is initiated by the malicious PDF file. Clearly, the crosshairs are still sharply focused on Windows systems and Mac computers are just bonus points for relentless hackers that conjure up new malware every day.

Do you ever think or fear that Mac computers will one day face the wrath that PCs have faced with when it comes to malware? If so, what would be the factors to contribute to targeting Mac systems other than a growing population of them?