SecureMac, Inc.

Malware Library. Threats targeting Macs.

Mac malware exists in all shapes and sizes and new digital parasites evolve every day. Whether it’s adware, trojan horses, keystroke loggers, viruses or other spyware, stay up-to-date and discover more information about the latest threats targeting your Mac here.

Trojan Horse Security Threat for Mac OS X

AppleScriptTHT

also known as OSX/ARDScript.A, OSX/Hovdy.A

Type:
Trojan Horse

Platform:
Mac OS X

Last updated:
02/09/16 9:14 pm

Threat Level:
High

Description

AppleScriptTHT is a trojan horse. First spotted in the wild in 2008, the malware was discovered when it was offered for distribution on a hacker website, with site forum members discussing possible delivery vectors which included the messaging app iChat and the filesharing service LimeWire.

In order to become infected, a user must first download and launch AppleScriptTHT. Once installed, the Trojan exploits a vulnerability in the Apple Remote Desktop Agent in order to gain administrative privileges on the infected …

BlackHoleRAT

Type:
Trojan Horse

Platform:
Mac OS X

Last updated:
04/02/16 7:14 am

Threat Level:
High

Description

BlackHoleRAT is a Trojan horse that allows remote access by malicious third parties to an infected computer. Early versions of the Trojan were relatively unsophisticated and seemed to be intended as proof of concept, but subsequent, better-developed variants were soon discovered — and these were being offered for distribution.

BlackHoleRAT is able to carry out a range of malicious actions on an infected machine, including the following: it can request an administrator password and store it to a file, execute shell scripts, turn the …

Boonana

also known as OSX/Jnana, OSX/Koobface

Type:
Trojan Horse

Platform:
Mac OS X

Last updated:
02/09/16 9:14 pm

Threat Level:
High

Description

Boonana is a trojan horse that spread through social networking sites, including Facebook, disguised as a link to a video. When a user clicked the infected link, the trojan initially ran a Java applet which downloaded other components, modified system files to bypass the need for passwords, and allowed outside access to all files on the system. The trojan would run invisibly in the background at startup, and periodically check in with a command-and-control server to report information on …

CallMe

Type:
Trojan Horse

Platform:
Mac OS X

Last updated:
04/02/16 10:02 am

Threat Level:
High

Description

CallMe is a Trojan horse that targets Tibetan activist organizations. The Trojan infects its target through a malicious Microsoft Word (.doc) file, exploiting an older Word vulnerability cataloged as CVE-2009-0563.

Once active, CallMe is able to run commands on the infected system; however, it only takes a limited number of actions using these permissions. The Trojan attempts to connect to a command and control server; creates a copy of the user’s contact list for the malware authors to access remotely; and establishes a …

CoinThief

also known as OSX/StealBit

Type:
Trojan Horse

Platform:
Mac OS X

Last updated:
02/13/16 8:48 am

Threat Level:
High

Description

CoinThief is a Trojan horse that steals Bitcoins. Early versions of the malware were distributed through GitHub, a website which hosts publicly available software source code. Subsequent versions of CoinThief were also found on popular Mac app download sites.

CoinThief comes disguised either as a cryptocurrency “wallet” app — software for sending and receiving cryptocurrency — or as a cryptocurrency price ticker. The Trojanized wallet application is called StealthBit; the price ticker apps go by the names of “Bitcoin Ticker TTM …

CpuMeaner

also known as BitCoinMiner, CoinMiner

Type:
Trojan Horse

Platform:
Mac OS X

Last updated:
01/02/18 11:56 pm

Threat Level:
High

Description

CpuMeaner is a Trojan horse. It comes disguised as a pirated software application, meaning that a victim would have to attempt to illegally download a pirated app in order to be infected by CpuMeaner. Once installed, the Trojan writes to the LaunchAgent directory in order to achieve persistence on the system (the ability to survive reboots). The malware then runs a custom version of XMRig, an open source program designed to mine the cryptocurrency Monero, and sets up a …

CreativeUpdate

also known as BitCoinMiner, CoinMiner, Miner

Type:
Trojan Horse

Platform:
Mac OS X

Last updated:
02/02/18 9:51 pm

Threat Level:
High

Description

CreativeUpdate is a Trojan horse that mines cryptocurrency. It was discovered in 2018 on the popular Mac app distribution platform MacUpdate, masquerading as the macOS utilities Deeper and OnyX, as well as an illegitimate version of Firefox. It should be noted that the developers of Deeper, OnyX, and, of course, Firefox, have nothing to do with the malware: CreativeUpdate’s authors designed their Trojan to impersonate these apps, and then circumvented the security checks at MacUpdate in order to …

Crisis

also known as OSX/Morcut

Type:
Trojan Horse

Platform:
Mac OS X

Last updated:
02/09/16 9:14 pm

Threat Level:
High

Description

Crisis is a Trojan horse that creates a backdoor on infected systems. Also known as Morcut, Crisis was first discovered in 2012, with subsequent variants appearing in the years to follow.

Crisis comes in the form of an illegitimate Adobe Flash Player installer. If installed, Crisis takes steps to achieve persistence (the ability to survive reboots), and then performs several actions, the nature of which depends on whether or not the Trojan was launched with administrative permissions. On a system which …

DevilRobber

also known as OSX/CoinMiner

Type:
Trojan Horse

Platform:
Mac OS X

Last updated:
02/19/16 12:27 am

Threat Level:
High

Description

DevilRobber is a trojan horse that can steal information and slow down your computer by using it to mine bitcoins.

DevilRobber Threat Removal

MacScan can detect and remove DevilRobber Trojan Horse from your system, as well as provide protection against other security and privacy threats. A 30-day trial is available to scan your system for this threat.

DNSChanger

also known as OSX/Jahlav, OSX/RSPlug, Puper

Type:
Trojan Horse

Platform:
Mac OS X

Last updated:
04/23/16 8:34 pm

Threat Level:
High

Description

DNSChanger is a trojan horse that arrived disguised as a video codec and changed the internet settings on infected computers. Once installed, the trojan horse redirected webpages in an attempt to steal login information for online banking sites. The malicious DNS servers used by the DNSChanger trojan horse were taken over by the FBI after the malware authors were arrested, and the malware network was officially shut down in July 2012.

DNSChanger Threat Removal

MacScan can detect and remove DNSChanger …

Dok

also known as OSX.Bella, OSX.Dok.A

Type:
Trojan Horse

Platform:
Mac OS X

Last updated:
07/01/19 7:50 pm

Threat Level:
High

Description

Dok is a trojan horse that arrives in a phishing e-mail disguised as a document. Dok can monitor all web traffic to and from infected computers, and can potentially modify network traffic to redirect users to malicious third-party websites. While the core components of this trojan horse can be detected and removed, it additionally installs and alters thousands of other files on infected systems, requiring a full reinstall of macOS.

Dok Threat Removal

MacScan can detect and remove …

GMERA

Type:
Trojan Horse

Platform:
Mac OS X

Last updated:
10/01/19 6:24 pm

Threat Level:
High

Description

GMERA is a trojan horse that comes disguised as a stock trading app. It steals user information from infected systems, and uploads it to the web.

GMERA Threat Removal

MacScan can detect and remove GMERA Trojan Horse from your system, as well as provide protection against other security and privacy threats. A 30-day trial is available to scan your system for this threat.

Imuler

Type:
Trojan Horse

Platform:
Mac OS X

Last updated:
04/02/16 9:24 am

Threat Level:
High

Description

Imuler is a trojan horse that installs a backdoor on infected systems in order to steal files and take screenshots, which are then sent to a remote server.

Imuler Threat Removal

MacScan can detect and remove Imuler Trojan Horse from your system, as well as provide protection against other security and privacy threats. A 30-day trial is available to scan your system for this threat.
