Security Audit

Our Web Application Pentest ( WAP) attempts to address the Owasp top 10 & SANS top 20 web application vulnerabilities and other exploitable loopholes of your web application . Along with it our WAP team also test web applications for Business logic flaws that can directly or indirectly effect the functioning of application.

Trainings

We are here to help you solve your biggest query- where and how to start? CDI has brought various courses in Ethical Hacking in Chandigarh where all you technology lovers will be given the much needed push to move forward and create a niche for yourself in the field. From Beginner to Expert level we have many kinds of training patterns.

Call Us : +91-771045-0011 | +91-771045-0022

Beware Mac OS X Users! Komplex Trojan Ahead!

 

 

A new Trojan has been found by the security researchers of Palo Alto Networks. This Trojan has been developed by its authors, especially to target aerospace industry. The name of the Trojan is Komlex. This Trojan is capable to execute, download and delete files from an infected Mac. This Trojan is a complete set of malicious tools, which can anonymously communicate with its authors through command and control servers. Hackers are targeting Mac Users with the help of a PDF document. Hackers are sending this malicious document as an email attachment. When users clicks on the malicious link to open that file, he/she is actually allowing this Trojan to run remote commands.

 

How Komplex Trojan Works?

According to security researchers, Komplex Trojan is saving a PDF document on infected Mac Systems. This PDF document contains the information about Russian Space Programs. In actual, this PDF document is just a trap. Hackers behind this Trojan, are diverting victims to another place by using this document. This Trojan works as a spyware and it collects the information of infected Mac System.  Komplex Trojan can steal information about current version of Mac OS X, Details of User Accounts and All the current running programs. Komplex is sending this information to its creators, through Command and Control servers. By analyzing this information, hackers could send malicious commands as well. May be hackers are familiar with unknown security vulnerabilities of MacKeeper Antivirus software of Apple and they are exploiting these vulnerabilities by writing malicious codes in this Komplex Trojan.

 

 

Who is the author of this Trojan?

The team of Palo Alto’s Security Researchers have said, this Trojan might be developed by Sofacy Group named Russian Hacking Team. The codes of this Trojan are similar to another malware called Carberp. This Carberp named malware had been developed by hackers to target officials of United States through Email Phishing attacks. To develop Komplex Trojan, hackers have used the same malicious scripts and designs which they have used earlier to develop Carberp. Security Researchers have detected logs at the backend, in which they have found that this Trojan is also interacting with two domains www.apple-iclouds.net and www.itunes-helper.net.

 

Also read: Android Trojan Alert! This Trojan is Stealing Your Money and Personal Details!

 

According to security experts, this hacking group is one of the best hacking teams in the world. This hacking group have performed a number of high profile hacks. Hack of Democratic National Committee’s systems is one of its biggest examples. It is still not clear that how many systems have been infected by this Komplex Trojan, but hackers are spreading this Trojan very fast with the help of social engineering and phishing attacks.

 

Security Tips for Mac OS X Users

  • If you are still using an old version of OS X, update it as soon as possible.
  • Never click on the suspicious links.
  • Do not open that email attachments, which you have got from unknown sources.
  • The domains www.apple-iclouds.net and www.itunes-helper.net are malicious. Never download any application from these domains.

Leave a Reply

Name
Email id
Contact No
Comment

See more of Cyber Intelligence by logging in.
Connect with cyber security experts,Discover job opportunities,Online Training, Information Security Advisory and lot more.