CallMe
- Type: Trojan Horse
- Platform: Mac OS X
- Last updated: 04/02/16 10:02 am
- Threat Level: High
Description
CallMe is a Trojan horse that targets Tibetan activist organizations. The Trojan infects its target through a malicious Microsoft Word (.doc) file, exploiting an older Word vulnerability cataloged as CVE-2009-0563.
Once active, CallMe is able to run commands on the infected system; however, it only takes a limited number of actions using these permissions. The Trojan attempts to connect to a command and control server; creates a copy of the user’s contact list for the malware authors to access remotely; and establishes a persistence mechanism in order to survive reboots.
Analysis of the CallMe Trojan seems to indicate that it was intended for users of older macOS versions (10.4 or earlier), and the Word vulnerability which it exploits was patched in 2009. This, along with the fact that it was originally targeted at members of activist organizations, makes it fairly unlikely that average users would be affected by CallMe malware.
CallMe Threat Removal
MacScan can detect and remove the CallMe Trojan horse from your system, as well as provide protection against other security and privacy threats. A 30-day trial is available to scan your system for this threat.