|Home » Industry Watch (» The Technological » Hall of Monkeys » Heroes Banquet)
Wirenet: Linux/OS X Trojan?
Dodgy like a sore thumb.
ST PETERSBURG (Rixstep) — DrWeb have discovered a cross-platform trojan targeting Linux and OS X. They've christened it 'Wirenet'.
The trojan is designed to 'steal passwords stored by a number of popular Internet applications'.
DrWeb have not yet been able to trace the trojan's propagation.
According to DrWeb, Wirenet installs itself in the user root directory and uses AES to communicate with its mothership located at 220.127.116.11, registered (and ostensibly run) in the Netherlands.
DrWeb also claim Wirenet functions as a keystroke logger, and harvests passwords entered through Opera, Firefox, Chrome, Thunderbird, SeaMonkey, and Pidgin.
DrWeb claim to have an AV update that successfully eradicates Wirenet, but given its rather clumsy location in the file system, it shouldn't be at all difficult to detect and remove on its own. For it's right there at the root of the user area.
The Technological: Apple and the War on Stupidity
DrWeb: First Trojan in history to steal Linux/OS X passwords