New malware can take control of Macs, Intego warns
By Lex Friedman, MacworldAPR 16, 2010 2:07 am PDT
Batten down the hatches! Better yet, unplug your Mac and run for the hills!
Intego, purveyor of internet security and privacy software for the Mac, reports that a new variant of malware—the intimidatingly-named HellRTS—has been spotted in the vast untamed reaches of the Internet.
But before you panic, let’s take stock of the facts. First, there certainly is bad news. Intego says that HellRTS—which was first discovered in 2004—recently received some nefarious upgrades: The malicious software can now open a “backdoor” to your Mac by setting up its own server on a private port, complete with a password. The software duplicates and changes its name, identifying itself as other genuine Mac software (like “iPhoto”), making it even harder to spot. The new HellRTS variant can contact remote servers, and then, Intego says, “provide direct access to [the] infected Mac.”
But here’s the good news: I just saved a bunch of money on car insurance. The HellRTS.D variant isn’t out in the wild; you can only be infected if you install the rogue software. Obviously, Trojan horse-style trickery could do the trick, but there are no reports that any such Trojans exist just yet. To date, the malware is merely being exchanged on forums frequented by technological evildoers (and the virus-protection software researchers who battle them).
How can you stay safe? Turn off “Open ‘safe’ files after downloading” in Safari’s preferences, and only launch or install apps from trusted sources. Or, of course, as Intego’s press release about HellRTS.D suggests, you could purchase Intego VirusBarrier X6, which can detect and scrub the nasty fellow.