New Trojan disguised as a PDF document
24/09/11 10:05
A trojan threat that is posing as a PDF document has been discovered. The threat displays a (Chinese) PDF document when run in an attempt to hide from the user that it's an application, connecting to a remote server and further downloading a backdoor trojan, which will allow hackers remote access to your computer.
Whilst the idea of disguising a threat as a PDF document has been seen before on Windows computers, this is the first time that the virus writers have adopted this approach on Mac OS X. At the moment the risk that this threat poses is low, the quality of the code suggests that it is a proof-of-concept that is not yet spreading in the wild.
ProtectMac AntiVirus detects the PDF-style application as OSX.Revir-1 and the backdoor trojan as OSX.iMuler-1
ProtectMac recommends that users are always extremely careful when downloading any files from the internet and only download from trusted sites. As we've seen with this threat and Microsoft Word files, because a file appears to be a document does not make it harmless.
Whilst the idea of disguising a threat as a PDF document has been seen before on Windows computers, this is the first time that the virus writers have adopted this approach on Mac OS X. At the moment the risk that this threat poses is low, the quality of the code suggests that it is a proof-of-concept that is not yet spreading in the wild.
ProtectMac AntiVirus detects the PDF-style application as OSX.Revir-1 and the backdoor trojan as OSX.iMuler-1
ProtectMac recommends that users are always extremely careful when downloading any files from the internet and only download from trusted sites. As we've seen with this threat and Microsoft Word files, because a file appears to be a document does not make it harmless.