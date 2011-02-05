Calisto variant has reemerged to threaten Mac users with backdoor access

July 2018 by Jeremy Samide, CEO of Stealthcare

Trojan malware is among today’s most frequently deployed cyber threats, with two of the latest variants, Quasar and Sobaken being used primarily for government and corporate espionage.

Additionally, Vermin, an open-source, Remote Access Trojan or RAT has been targeting victims in Ukraine, while DanaBot—a new banking Trojan—targets users in Australia.

“These new RATs support 24 implemented and several optional commands, including audio recording, keylogging and password theft. Attackers use Virtual Network Computing or VNC to create and control remote hosts, steal private and sensitive information and communicate the data covertly via Tor,” observes Jeremy Samide, CEO of Stealthcare, an international cybersecurity and threat assessment firm with offices in Cleveland, Los Angeles and Toronto.

Calisto infects Mac

As with most Trojan variants,Vermin and DanaBot target Windows users exclusively, however Mac users are now at risk from Calisto, a Mac backdoor that reemerged last week after lying dormant since 2016. “The operator’s motives are unclear as this backdoor provides total access to the infected machine, offering myriad possible courses of action. Callisto also contains several unfinished functionalities suggesting it is still in active development,” according to the latest weekly Stealthcare Alert that warns clients of emerging threats. “Calisto’s functions include loading and unloading the kernel extensions for handling USB drives, data theft from user directories, and self-destruction together with the destruction of the Operating System.”

