Trojan Horse Alert: HellRaiser (aka OSX/HellRTS.D)

Trojan Horse Alert: Intego recently alerted users to the presence of a new variant of the HellRaiser Trojan Horse, which they identify as OSX/HellRTS.D. SecureMac has analyzed this new variant and it is detected in the latest MacScan spyware definitions update (Spyware Definitions Version 2010006) as HellRaiser Trojan Horse 4.2. MacScan has detected previous variants of this trojan horse since 2005.

HellRaiser is a trojan horse that allows complete control of a computer by a remote attacker, giving the attacker the ability to transfer files to and from the infected computer, pop up chat messages on the infected system, display pictures, speak messages, and even remotely restart or shut down the infected machine.

The attacker can search through the files on the infected computer, choosing exactly what they want to steal, view the contents of the clipboard, or even watch the user’s actions on the infected computer.

In order to become infected, a user must run the server component of the trojan horse, which can be disguised as an innocent file. The attacker then uses the client component of the trojan horse to take control of the infected system.

April 16, 2010
Intego Virus Barrier Virus Definition Bypass Exploit

Advisory Title: Intego VirusBarrier X4 definition bypass exploit
Release Date: 2006 November 8
Affected Products: Intego VirusBarrier X4
Severity: Moderate
Where: Local System
Author: Kevin Finisterre

Fix: Bug Fixed Starting with 2006/11/01 Vdef files
Exploit: pwntego.tar.gz

Kevin Finisterre, a security researcher with digitalmunition.com, has discovered and demonstrated a flaw in Intego VirusBarrier X4, an antivirus program for Macintosh computers. The “pwntego” exploit shows how systems running Intego VirusBarrier X4 can lose their protection. Kevin discovered that the program suffered from a flaw related to the number of alerts it can process simultaneously.

Kevin saw that if an attacker is …

November 11, 2006
iMonitor

    • Type: Keylogger
    • Platform: Mac OS X
    • Last updated: 02/09/16 9:14 pm
    • Threat Level: High

Description

iMonitor is a keylogger.

iMonitor Threat Removal

MacScan can detect and remove iMonitor Keylogger from your system, as well as provide protection against other security and privacy threats. A 30-day trial is available to scan your system for this threat.

EICAR

    • Type: Proof of Concept
    • Platform: Mac OS X
    • Last updated: 02/09/16 9:14 pm
    • Threat Level: High

Description

EICAR is a proof of concept that tests the capabilities of antivirus programs. It is not actually malware.

EICAR Threat Removal

MacScan can detect and remove EICAR Proof of Concept from your system, as well as provide protection against other security and privacy threats. A 30-day trial is available to scan your system for this threat.

Refog

    • Type: Keylogger
    • Platform: Mac OS X
    • Last updated: 05/01/20 6:18 pm
    • Threat Level: High

Description

Refog is a keylogger.

Refog Threat Removal

MacScan can detect and remove Refog Keylogger from your system, as well as provide protection against other security and privacy threats. A 30-day trial is available to scan your system for this threat.

EaseMon

    • Type: Keylogger
    • Platform: Mac OS X
    • Last updated: 09/03/19 6:52 pm
    • Threat Level: High

Description

EaseMon is a keylogger.

EaseMon Threat Removal

MacScan can detect and remove EaseMon Keylogger from your system, as well as provide protection against other security and privacy threats. A 30-day trial is available to scan your system for this threat.

Tsunami

    • Type: Trojan Horse
    • Platform: Mac OS X
    • Last updated: 02/09/16 9:14 pm
    • Threat Level: High

Description

Tsunami is a trojan horse.

Tsunami Threat Removal

MacScan can detect and remove Tsunami Trojan Horse from your system, as well as provide protection against other security and privacy threats. A 30-day trial is available to scan your system for this threat.

TIFFvuln

    • Type: Exploit
    • Platform: Mac OS X
    • Last updated: 02/09/16 9:14 pm
    • Threat Level: High

Description

TIFFvuln is an exploit that targets a TIFF vulnerability in earlier versions of OS X.

TIFFvuln Threat Removal

MacScan can detect and remove TIFFvuln Exploit from your system, as well as provide protection against other security and privacy threats. A 30-day trial is available to scan your system for this threat.

NetWeird

also known as OSX/NetWeirdRC.A

    • Type: Trojan Horse
    • Platform: Mac OS X
    • Last updated: 02/09/16 9:14 pm
    • Threat Level: High

Description

NetWeird is a commercial remote access tool that can give malicious third parties access to infected computers.

NetWeird Threat Removal

MacScan can detect and remove NetWeird Trojan Horse from your system, as well as provide protection against other security and privacy threats. A 30-day trial is available to scan your system for this threat.

GetShell

also known as Java/SET.A, OSX/ExploitKit.gen

    • Type: Trojan Horse
    • Platform: Mac OS X
    • Last updated: 02/09/16 9:14 pm
    • Threat Level: High

Description

GetShell is a trojan horse.

GetShell Threat Removal

MacScan can detect and remove GetShell Trojan Horse from your system, as well as provide protection against other security and privacy threats. A 30-day trial is available to scan your system for this threat.

Janicab

    • Type: Trojan Horse
    • Platform: Mac OS X
    • Last updated: 02/09/16 9:14 pm
    • Threat Level: High

Description

Janicab is a trojan horse that arrives disguised as a PDF file.

Janicab Threat Removal

MacScan can detect and remove Janicab Trojan Horse from your system, as well as provide protection against other security and privacy threats. A 30-day trial is available to scan your system for this threat.

QHost

also known as OSX/QHost.WB

    • Type: Trojan Horse
    • Platform: Mac OS X
    • Last updated: 02/09/16 9:14 pm
    • Threat Level: High

Description

QHost is a trojan horse that modifies the hosts file to redirect web traffic.

QHost Threat Removal

MacScan can detect and remove QHost Trojan Horse from your system, as well as provide protection against other security and privacy threats. A 30-day trial is available to scan your system for this threat.

MetaData

also known as Exploit.OSX.Safari

    • Type: Exploit
    • Platform: Mac OS X
    • Last updated: 03/31/16 3:35 am
    • Threat Level: High

Description

MetaData is an exploit that targets a metadata vulnerability in earlier versions of OS X.

MetaData Threat Removal

MacScan can detect and remove MetaData Exploit from your system, as well as provide protection against other security and privacy threats. A 30-day trial is available to scan your system for this threat.

WeaponX

also known as OSX/WonRK.A

    • Type: Rootkit
    • Platform: Mac OS X
    • Last updated: 02/09/16 9:14 pm
    • Threat Level: High

Description

WeaponX is a rootkit.

WeaponX Threat Removal

MacScan can detect and remove WeaponX Rootkit from your system, as well as provide protection against other security and privacy threats. A 30-day trial is available to scan your system for this threat.
