updated 09:38 am EDT, Thu August 23, 2012
Risk so far 'considered low'
A new piece of backdoor malware affecting OS X, Windows, Linux, and Solaris is in the wild, according to security firm Intego. Nicknamed OSX/NetWeirdRC, the code is said to be similar to Crisis in that it's a commercial remote access tool that was leaked to VirusTotal. If a computer is infected, the malware can potentially allow an attacker to install new files, grab screenshots and system information, see which programs are running, and steal encrypted passwords from apps like Firefox, Thunderbird, and Opera.
The risk from NetWeirdRC is considered "low," however, due to some major flaws in its code. It won't restart after a reboot, which can leave the malware dormant. It does add itself to login items, but all this accomplishes is opening a user's home folder at login. Modern security software can detect it trying to make an outbound connection. Intego notes that the software is even valued low on the marketplace; while Crisis costs €200,000, NetWeirdRC can be had for as little as $60, despite being advertised as undetected.