AAPL Stock: 117.81 ( -0.22 )

Printed from

New OS X 'KitM.A' malware discovered, mostly impotent

updated 04:01 pm EDT, Thu May 16, 2013

App dumps screenshots into a folder, command and control servers inactive

A new semi-functional malware has been found for OSX. Discovered on a computer at the Oslo Freedom Forum by researcher Jacob Appelbaum, the OSX/KitM.A is a backdoor application which launches on boot and captures screenshots on a regular basis, which are then dumped in a folder.

The malware has two command and control servers, with one nonfunctional and one delivering a 403 - public access forbidden warning. It is unknown if the servers were ever put into service, or will be running in the future.

The malware is signed with a legitimate Apple Developer ID, which can bypass Apple's built-in malware installation block. The source of the malware is under investigation by anti-virus company F-Secure. Apple has not as of yet revoked the developer's signature.

by MacNN Staff



Login Here

Not a member of the MacNN forums? Register now for free.


Network Headlines

Follow us on Facebook


Most Popular


Recent Reviews

Ultimate Ears Megaboom Bluetooth Speaker

Ultimate Ears (now owned by Logitech) has found great success in the marketplace with its "Boom" series of Bluetooth speakers, a mod ...

Kinivo URBN Premium Bluetooth Headphones

We love music, and we're willing to bet that you do, too. If you're like us, you probably spend a good portion of your time wearing ...

Jamstik+ MIDI Controller

For a long time the MIDI world has been dominated by keyboard-inspired controllers. Times are changing however, and we are slowly star ...


Most Commented