Security researchers at Bitdefender Antimalware Lab (Bitdefender is an antivirus software maker) have discovered a new piece of malicious software dubbed Backdoor.MAC.Eleanor. The malware even allows attackers to lock out rightful owners from their Macs by taking full control of OS X, the researchers say (via Cult of Mac).
The malware comes in the form of the EasyDoc Converter app, a drag-and-drop file converter available for download from many popular download sites. There is a major problem with this software, though: It has no functionality except to download a malicious script.
The malware creates a unique Tor address on the infected Mac computers, allowing attackers to connect to and access the complete file system. Backdoor.MAC.Eleanor uses a tool named “wacaw” to capture images and videos from built-in Web cameras.
“This type of malware is particularly dangerous as it’s hard to detect and offers the attacker full control of the compromised system,” says Tiberius Axinte, Technical Leader, at Bitdefender Antimalware Lab. “For instance, someone can lock you out of your laptop, threaten to blackmail you to restore your private files or transform your laptop into a botnet to attack other devices. The possibilities are endless.”
Since the app isn’t digitally signed by Apple, and users can download apps from the Web instead of from the Mac App Store, Bitdefender security researchers recommend users change their security settings to allow app downloads from the App Store and identified developers only.