Backdoor.MAC.Eleanor is a new Tor-powered malware

Another threat has emerged online, and this time it targets Mac users. The malware, named Backdoor.MAC.Eleanor, allows the attacker to take screenshots, covertly enable the victim's webcam or fully control the infected device. The threat was discovered and disclosed by security researchers from Bitdefender, so the chances of it being made up are very slim. Eleanor is disguised as a conversion tool called EasyDoc Converter that many reputable websites distribute.

Once installed and launched, the application displays an interface that lets you drag and drop files, but it doesn't actually convert them. Instead, it runs a background script that creates a new hidden folder called .dropbox (/Users/$USER/Library/.dropbox), which has nothing to do with the popular cloud storage service. After it sinks its claws into a system, Eleanor activates a hidden Tor service, which allows the attacker to connect to the victim's computer through the network and publish the Tor URL that can be used to access the infected Mac. Even worse, the malware also installs a PHP application that gives the hackers full control over the files on the device. It lets them run a wide variety of shell commands or scripts, view all the running processes and perform numerous other nefarious tasks. Although it's practically impossible to tell how many devices have been compromised by Eleanor, the first known infection is dated April 19.
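A defender can check for the one on-disk indicator given above, the hidden folder at /Users/$USER/Library/.dropbox, in every home directory on a Mac. The script below is an added example, not part of the original article or of Bitdefender's tooling; the function name scan_users_root, the --scan flag and the output format are assumptions made here.

```shell
#!/bin/sh
# Added example: look for the hidden folder named in the article,
# /Users/$USER/Library/.dropbox, under every home directory in a users root.
# The function name, --scan flag and output format are hypothetical.

# scan_users_root [ROOT]
#   Prints one SUSPECT line per home directory containing Library/.dropbox.
#   Returns 0 if at least one folder was found, 1 if none, 2 on bad input.
scan_users_root() {
    root=${1:-/Users}
    if [ ! -d "$root" ]; then
        echo "not a directory: $root" >&2
        return 2
    fi
    found=1
    for home in "$root"/*/; do
        # If the glob matched nothing, the literal pattern is skipped here.
        [ -d "$home" ] || continue
        target="${home}Library/.dropbox"
        # Report a real directory or a symlink placed at that path.
        if [ -d "$target" ] || [ -L "$target" ]; then
            # Count entries (including dotfiles) to help triage.
            entries=$(ls -A "$target" 2>/dev/null | wc -l | tr -d ' ')
            printf 'SUSPECT %s (%s entries)\n' "$target" "$entries"
            found=0
        fi
    done
    return "$found"
}

# Scan only when asked: sh check_eleanor.sh --scan [ROOT]
if [ "${1:-}" = "--scan" ]; then
    scan_users_root "${2:-/Users}"
fi
```

A hit is a reason to investigate the machine, not proof of infection by itself; run the scan with enough privileges to read other users' Library folders.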


Comments

Guest #38430618

Is the Malware going to affect only Tor Browser users or anyone? Thanks!

– 3 years ago