Mac OSX users hit with 'Tsunami' backdoor trojan

Users of computers running Apple Inc.'s Mac OS X were warned Wednesday against a new malware that can embed itself in a system and await further instructions. Sophos said the malware, which it dubbed OSX/Tsunami-A, appears to have its roots in Troj/Kaiten, a malware targeting the Linux operating system. "Typically code like this is used to rally compromised computers into a DDoS (distributed denial-of-service) attack, flooding a website with traffic," Sophos said in a blog post. It said the original Troj/Kaiten is a Linux backdoor Trojan horse that embeds itself on a computer system and listens to an IRC channel for more instructions. But Sophos said an examination of the malware shows it can receive a variety of different instructions and can be used to remotely access an affected computer. Sophos pointed out participating in a DDoS attack is not only illegal, but may also mean one has effectively put control of his or her Mac into someone else's hands. "Mac users are reminded that even though there is far less malware in existence for Mac OS X than for Windows, that doesn't mean the problem is non-existent," it added. Also, Sophos said it expects to see cybercriminals continuing to target poorly protected Mac computers in the future. "If the bad guys think they can make money out of infecting and compromising Macs, they will keep trying," it said. — TJD, GMA News