Remote Forensics Trojans, Surveillance and Investigations
Wednesday, August 08, 2012
(Translated from the original Italian)
Without doubt, the spread of malware is one of the most advanced cyber threats. We read news daily about new, previously unknown agents developed by cybercriminals, governments or hacktivists, but are we really ready to reduce the exposure of our technical resources?
A few weeks ago a news item passed without much noise, but I believe it is really interesting, and that's why I decided to examine it.
Doctor Web, a Russian anti-virus company, detected a cross-platform Trojan horse that is able to gain full control of its targets and can render the system unusable. The agent, dubbed BackDoor.DaVinci.1, runs on both Windows and Mac OS X. Most interesting are the characteristics of the Mac OS X release, which for the first time implements rootkit technologies to hide the malware's processes and files.
The first question is: who developed the backdoor?
Gladiator Security Forum