Calisto variant has reemerged to threaten Mac users with backdoor access
July 2018 by Jeremy Samide, CEO of Stealthcare
Trojan malware is among today’s most frequently deployed cyber threats, with two of the latest variants, Quasar and Sobaken, being used primarily for government and corporate espionage.
Additionally, Vermin, an open-source Remote Access Trojan (RAT), has been targeting victims in Ukraine, while DanaBot, a new banking Trojan, targets users in Australia.
“These new RATs support 24 implemented and several optional commands, including audio recording, keylogging and password theft. Attackers use Virtual Network Computing or VNC to create and control remote hosts, steal private and sensitive information and communicate the data covertly via Tor,” observes Jeremy Samide, CEO of Stealthcare, an international cybersecurity and threat assessment firm with offices in Cleveland, Los Angeles and Toronto.
Calisto infects Mac
As with most Trojan variants, Vermin and DanaBot target Windows users exclusively. However, Mac users are now at risk from Calisto, a Mac backdoor that reemerged last week after lying dormant since 2016. “The operator’s motives are unclear as this backdoor provides total access to the infected machine, offering myriad possible courses of action. Calisto also contains several unfinished functionalities, suggesting it is still in active development,” according to the latest weekly Stealthcare Alert that warns clients of emerging threats. “Calisto’s functions include loading and unloading the kernel extensions for handling USB drives, data theft from user directories, and self-destruction together with the destruction of the Operating System.”
With cyberattacks becoming more pervasive and sophisticated, Stealthcare has changed cybersecurity from defense to an aggressive stance that relies on early warning and threat assessment, as well as artificial and human intelligence. Stealthcare’s proprietary platform, Zero Day Live, warns clients of emerging threats and provides countermeasures.
Samide adds, “Playing defense is not enough. When we developed Zero Day Live, it became the first complete cyber threat intelligence aggregation platform to spot emerging trends, uncover actionable information, and report on high-value intelligence. The platform enables our clients to respond quickly to impending cyberattacks.” Stealthcare researchers and technical staff also provide ongoing assistance that includes human threat assessment and, if need be, disaster recovery as well as tactics to ward off future attacks.