By ESGI Advisor in Backdoors, Mac Malware

Threat Scorecard

Threat Level: 10 % (Normal)
Infected Computers: 3
First Seen: October 26, 2011
Last Seen: February 5, 2023
OS(es) Affected: Windows

The Troj/Kaiten Trojan is a backdoor Trojan for the Linux operating system. Let us examine each component of that sentence. Troj/Kaiten is the name of this malware threat. It is known as a "backdoor" Trojan because it creates a hole in a computer system's security. This kind of hole is known as a backdoor because, much like a burglar who can make his way into an unprotected home through an open back door, a hacker can gain access to a computer system through the virtual backdoor created by the Troj/Kaiten Trojan. Threats like Troj/Kaiten are known as Trojans, after the famous Trojan horse. They are named this way because, unlike viruses or worms, Trojan horses cannot spread by themselves. Instead, they rely on users themselves, or on the help of other malware, to enter and infect a computer system. This is why deceptive tactics and social engineering are such an important part of malware infections such as the Troj/Kaiten Trojan. The Troj/Kaiten Trojan, in particular, is designed to infect the most common releases of the Linux operating system. However, there are certain peculiarities of the Linux operating system that make it practically immune to most malware attacks. The Troj/Kaiten Trojan has made news because it has been ported to infect Mac computers running the Mac OS X operating system.

OSX/Tsunami-A, A Dangerous Port of the Troj/Kaiten Trojan

Many computer users have the mistaken notion that Macs are immune to malware. While it is true that there are fewer malware threats designed to attack the Mac OS X operating system, malware is still a very real danger for Mac users. The Troj/Kaiten Trojan made headlines in 2011 when it was adapted to attack computer systems running the Mac OS X operating system and released under the name OSX/Tsunami-A. ESG PC security researchers believe that the name "Tsunami" derives from the fact that this malware threat is used to perform Distributed Denial of Service attacks. These flood a server or website with requests and are often performed through a vast network of infected computer systems attacking a single point at once. The attacks themselves are carried out with a Remote Access Tool, a hacking tool that is used to control a computer remotely. Usually, this is done automatically, with an IRC channel used to relay the orders to the different infected computer systems. This Remote Access Tool is planted onto the infected computer through the backdoor created by this port of the Troj/Kaiten Trojan.
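Because the orders travel over IRC, a defender can look for IRC sessions leaving machines that have no reason to run a chat client. The following is an added example, not code from this page or from ESG: it identifies IRC by message content rather than port number, and the addresses, nicknames, channel names and the `approved` host list are constructed for illustration.

```python
import re
from collections import defaultdict

# RFC 1459/2812 line shape: [":" prefix SPACE] command [SPACE params]
IRC_LINE = re.compile(r"^(?::(\S+) )?([A-Za-z]+|\d{3})(?: (.*))?$")

def parse_irc(line):
    """Return (COMMAND, [params]) or None when the line is not IRC-shaped."""
    m = IRC_LINE.match(line.rstrip("\r\n"))
    if not m:
        return None
    rest = " " + (m.group(3) or "")
    head, sep, trailing = rest.partition(" :")   # " :" opens the trailing parameter
    return m.group(2).upper(), head.split() + ([trailing] if sep else [])

def irc_clients(records, approved=()):
    """records: (src_host, dst_endpoint, client_to_server_line) tuples.
    Returns {(src, dst): channels} for flows that register (NICK plus a
    4-parameter USER) and JOIN a channel, skipping approved hosts."""
    seen = defaultdict(lambda: {"cmds": set(), "chans": set()})
    for src, dst, line in records:
        parsed = parse_irc(line)
        if parsed is None or src in approved:
            continue
        cmd, params = parsed
        flow = seen[(src, dst)]
        # FTP and POP3 also use USER, but with one argument; IRC takes four.
        if (cmd == "NICK" and params) or (cmd == "USER" and len(params) >= 4):
            flow["cmds"].add(cmd)
        elif cmd == "JOIN" and params:
            flow["cmds"].add(cmd)
            flow["chans"].update(params[0].split(","))
    return {k: sorted(v["chans"]) for k, v in seen.items()
            if v["cmds"] == {"NICK", "USER", "JOIN"}}

# Constructed sample lines using documentation addresses, not captured traffic.
SAMPLE = [
    ("10.0.0.5", "203.0.113.9:8080", "NICK host-a1\r\n"),
    ("10.0.0.5", "203.0.113.9:8080", "USER host-a1 0 * :host-a1\r\n"),
    ("10.0.0.5", "203.0.113.9:8080", "JOIN #example\r\n"),
    ("10.0.0.7", "198.51.100.2:21", "USER anonymous\r\n"),       # FTP login
    ("10.0.0.9", "203.0.113.20:6667", "NICK alice\r\n"),         # approved user
    ("10.0.0.9", "203.0.113.20:6667", "USER alice 0 * :Alice\r\n"),
    ("10.0.0.9", "203.0.113.20:6667", "JOIN #team\r\n"),
]

if __name__ == "__main__":
    for (src, dst), chans in irc_clients(SAMPLE, approved={"10.0.0.9"}).items():
        print(f"IRC session from {src} to {dst}, channels {chans}")
```

Requiring NICK, a four-parameter USER and JOIN on the same flow keeps FTP and POP3 logins from being reported, and the check works on non-standard ports because it never looks at the port.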


Troj/Kaiten may call the following URLs:

