In computing terms, a “zombie” is a compromised computer used to perform different nefarious tasks, being controlled remotely by the attacker. Exactly this is a Mac OS X system infected by OSX/Tsunami-A backdoor trojan. It seems to be the same trojan as Troj/Kaiten which infected in the past Linux based systems, only this time ported to Mac OS X operating system. The attackers control the compromised systems via IRC channels and one of the main commands the attacker can gives to it remotely is to launch DDos attacks against websites at the attacker choice.
Practically a botnet of compromised computers is created and if at a certain moment choosed by the attacker these computers send many enough malformed requests to a web server will overload its resources making it inaccessible.
Besides the DDoS attacks, this backdoor trojan can perform other malicious tasks as downloading and execute other malware into the infected computer or execute shell commands. In other words, the attacker take over your Mac.
However, the good news is the trojan does not replicate or spread itself, so the Mac users must be careful what they download and install in their computers, what links they follow and what email attachments they open. Sophos security vendor released a free Mac Antivirus, using it is strongly recommended.
Keep safe !
Leave a Reply