Trojan.MacOS.Jahlav Description

Trojan.MacOS.Jahlav.I is the detection for the Jahlav trojan for MacOS systems. There is nothing special about Jahlav. It is a Mac trojan that is distributed in fake crack or keygen programs on free download websites. In addition to being illegal, pirating hides other risks like getting infected with the Jahlav trojan.

Once Jahlav infects a Mac, it creates a malicious shell script file AdobeFlash in ~/Library/Internet Plug-Ins. Jahlav also schedules the script to run periodically. Within the first script there is another obfuscated script that in turn contains a Perl script with the true payload. The perl script uses HTTP to communicate with a C2. Jahlav can download code as instructed by the malware operator. This functionality means that the cybercriminals have a plethora of options to further compromise the infected system.

Leave a Reply

Please DO NOT use this comment system for support or billing questions. For SpyHunter technical support requests, please contact our technical support team directly by opening a customer support ticket via your SpyHunter. For billing issues, please refer to our "Billing Questions or Problems?" page. For general inquiries (complaints, legal, press, marketing, copyright), visit our "Inquiries and Feedback" page.

HTML is not allowed.