Cyber espionage group ports a Windows backdoor to attack OS X


A group of hackers known for having carried out a variety of attacks in the past against the US Defense Industrial Base, as well as other important companies in that sector, has recently started using a program that includes a backdoor to attack systems running OS X.

Security researchers at FireEye said in a blog post on Thursday that the backdoor's code was ported to OS X from a Windows backdoor that has been used extensively in targeted attacks over the past few years and has been updated many times in the process.

The malicious program has been named XSLCmd. It can open a reverse shell, retrieve and transfer files, and install additional malicious programs on infected computers. The OS X variant can also log keystrokes and take screenshots, according to the FireEye researchers.

Once installed on a Mac, the malware copies itself to "/Library/Logs/clipboardd" and "$HOME/Library/LaunchAgents/clipboardd". It also creates a com.apple.service.clipboardd.plist file to make sure it runs again after the system reboots. The malware contains code that checks the OS X version, but it does not handle versions above OS X 10.8 (Mountain Lion). This suggests that 10.8 was either the latest version of OS X when the program was written or the version most commonly used by its targets.
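A defensive check for the persistence described above, added here as an example and not taken from FireEye or the original article: it parses LaunchAgent plists and reports any that use the reported plist name or start clipboardd from one of the reported directories. The sample plist and its label are constructed, looking for the plist in the two LaunchAgents directories is an assumption, and the last rule generalises beyond the article.

```python
import plistlib
from pathlib import Path

# Names taken from the article.
PLIST_NAME = "com.apple.service.clipboardd.plist"
BINARY_NAME = "clipboardd"

# Constructed sample job definition; label and user name are placeholders.
SAMPLE = plistlib.dumps({"Label": "placeholder.constructed.label",
                         "ProgramArguments": ["/Users/alice/Library/LaunchAgents/clipboardd"]})

def agent_program(plist_bytes):
    """Return the executable a launchd job starts, or None if unreadable."""
    try:
        job = plistlib.loads(plist_bytes)  # accepts XML and binary plists
        args = job.get("ProgramArguments") or []
        return job.get("Program") or (args[0] if args else None)
    except Exception:  # malformed plist or unexpected structure
        return None

def check_agent(plist_path, plist_bytes):
    """List the reasons a LaunchAgent plist matches the article's description."""
    reasons = []
    if Path(plist_path).name == PLIST_NAME:
        reasons.append("plist file name reported in the article")
    program = agent_program(plist_bytes)
    if isinstance(program, str):
        prog = Path(program)
        if prog.name == BINARY_NAME and prog.parent.name in ("Logs", "LaunchAgents"):
            reasons.append("runs clipboardd from a reported install directory")
        elif prog.parent.name == "LaunchAgents":
            # Generalisation (assumption): these directories normally hold only plists.
            reasons.append("executable stored inside a LaunchAgents directory")
    return reasons

def scan(home):
    """Check per-user and system-wide LaunchAgents; returns {path: reasons}."""
    hits = {}
    for folder in (Path(home) / "Library/LaunchAgents", Path("/Library/LaunchAgents")):
        for plist in (sorted(folder.glob("*.plist")) if folder.is_dir() else []):
            try:
                reasons = check_agent(plist, plist.read_bytes())
            except OSError:  # unreadable file: skip it, keep scanning
                continue
            if reasons:
                hits[str(plist)] = reasons
    return hits

if __name__ == "__main__":
    print(scan(Path.home()))
```

A hit is a lead for triage rather than a verdict: confirm by inspecting the referenced executable and its code signature.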

The XSLCmd backdoor was created and used by a cyber espionage group that has been active since at least 2009 and that the FireEye researchers have named GREF. "Historically, GREF has targeted a range of organizations, including the United States Defense Industrial Base (DIB), electronics and engineering companies around the world, as well as foundations and other non-governmental organizations, especially those with interests in Asia."

According to FireEye:

OS X has gained popularity across the enterprise, with less experienced users quickly switching to the new system and finding it easy to operate, as well as advanced users taking advantage of its powerful features, and executives […] Many people also consider it a more secure computing platform, which can lead to a dangerous sense of complacency across IT departments. In fact, while the security industry has started offering more products for OS X systems, these systems are sometimes less regulated and monitored in corporate environments than their Windows counterparts.

