Trojan.MacOS.Clapzok.A
Threat Scorecard
EnigmaSoft Threat Scorecard
EnigmaSoft Threat Scorecards are assessment reports for different malware threats which have been collected and analyzed by our research team. EnigmaSoft Threat Scorecards evaluate and rank threats using several metrics including real-world and potential risk factors, trends, frequency, prevalence, and persistence. EnigmaSoft Threat Scorecards are updated regularly based on our research data and metrics and are useful for a wide range of computer users, from end users seeking solutions to remove malware from their systems to security experts analyzing threats.
EnigmaSoft Threat Scorecards display a variety of useful information, including:
Ranking: The ranking of a particular threat in EnigmaSoft’s Threat Database.
Severity Level: The determined severity level of an object, represented numerically, based on our risk modeling process and research, as explained in our Threat Assessment Criteria.
Infected Computers: The number of confirmed and suspected cases of a particular threat detected on infected computers as reported by SpyHunter.
See also Threat Assessment Criteria.
| Threat Level: | 90 % (High) |
| Infected Computers: | 1 |
| First Seen: | January 20, 2021 |
| Last Seen: | January 20, 2021 |
Trojan.MacOS.Clapzok.A is the detection of Clapzok, a multiplatform file infector trojan. The file infector designation stems from the ability of Clapzok to copy its code into other applications. In other words, Clapzok can self propagate once it has infected a system.
This may sound scary and it potentially could be. However, Clapzok has been around for about 15 years (8 years for the Mac version) and it is a PoC or Proof of Concept virus. What this means is that it was developed to point out a security flaw and doesn’t necessarily pose any risk. In Clapzok’s case, the developer is researcher JPanic. Clapzok was first introduced as PoC in 2006 but at the time it wasn’t compatible with Mac systems. Since the concept was a file infector, the only thing the original Clapzok does is to copy its code into other files and applications.
That being said, if a cybercriminal with enough knowledge and skills were to get their hands on the source code for the Mac version, they could in theory create a trojan that does much more than just self propagate. Fortunately, the behavior of Clapzok isn’t all that stealthy and it is well-known to security specialists. Any decent security solution for Mac should be able to detect and fully eradicate Clapzok. Manual removal would only be an option for experienced security experts, but is still possible.
