The authors of an old Windows Trojan, DarkComet Remote Access Tool, claim to be working on one for MacOS X systems, called DarkCometX. DarkComet-RAT’s (Remote Administration Tool) website explains that the Windows tool was designed to make (sic) “hundreds of functions stealthly and remotely without any kind of autorisation in the remote process.”
Sophos security adviser Chester Wisniewski earlier this week heralded the rare discovery of a new backdoor Trojan designed for MacOS X systems. Wisniewski had suggested the origins for “Blackhole Remote Access Trojan (RAT)” for MacOS X could be found in DarkComet-RAT.
Blackhole RAT’s functions included issuing restart and shutdown commands and running arbitrary shell commands amongst others. The author of DarkComet-RAT however took exception to Wisniewski’s classification, adding that the rightful heir to its Windows parent was still under development and had a better interface. “While the BlackHole RAT Trojan seems to be copying the behavior of DarkComet, the lack of functionality and the unsophisticated user interface clearly offended the author,” Wisniewski said. While the functionality that DarkComet-RAT describes could lend itself to nefarious activities, Wisniewski noted that technically, it is not illegal to write a Trojan.“It's all in what you do with it,” he said.
(Image courtesy Sophos)
Copyright © iTnews.com.au . All rights reserved.
Issue: 335 | January/February 2015
Access CRN's extensive online resources including; email bulletins, community discussions and unique online news.
Processing registration... Please wait.
This process can take up to a minute to complete.
A confirmation email has been sent to your email address - SUPPLIED GOES EMAIL HERE. Please click on the link in the email to verify your email address. You need to verify your email before you can log on to the CRN website or start posting comments on articles.
If you do not receive your confirmation email within the next few minutes, it may be because the email has been captured by a junk mail filter. Please ensure you add the domain '@crn.com.au' to your white-listed senders.