Trojan steals Linux and Mac Data

Cross Platform Trojan steals Linux and Mac OS X passwords

Russian anti-virus company Doctor Web reported about the first cross-platform backdoor to run under Linux and Mac OS X identified as "BackDoor.Wirenet.1". This malicious program designed to steals passwords entered by the user in Opera, Firefox, Chrome, and Chromium, and passwords stored by such applications as Thunderbird, SeaMonkey, and Pidgin.

BackDoor.Wirenet.1 is the first-ever Trojan that can simultaneously work on these operating systems. BackDoor.Wirenet.1 is still under investigation.

At launch BackDoor.Wirenet.1 creates a copy in the user's home directory. To interact with the command server located at 212.7.208.65, the malware uses a special encryption algorithm Advanced Encryption Standard (AES). BackDoor.