In the case of the Java class file, it is run with UIElement set to true, which means that it does not show up in the Dock.

Each of these samples was only ever submitted to VirusTotal once, in June and July of 2013, and they are only detected by a few engines under generic names. There are other indications that this malware has been circulating undetected for a long time.

It also appears to be making connection attempts to devices it finds on the network. The presence of Linux shell commands in the original script led us to try running this malware on a Linux machine, where we found that – with the exception of the Mach-O binary – everything ran just fine. We also observed the malware downloading a perl script, named “macsvc”, from the C&C server.
This component appears to be intended to provide a kind of rudimentary remote control functionality.
Interestingly, it has code to take screen captures using both the Mac “screencapture” command and the Linux “xwd” command.
It also has code to get the system’s uptime, using the Mac “uptime” command or the Linux “cat /proc/uptime” command.
The binary itself seems primarily interested in screen captures and webcam access, but interestingly, it uses some truly antique system calls for those purposes, such as: SGGetChannelDeviceList, SGSetChannelDevice, SGSetChannelDeviceInput, SGInitialize, SGSetDataRef, SGNewChannel, QTNewGWorld, SGSetGWorld, SGSetChannelBounds, SGSetChannelUsage, SGSetDataProc, SGStartRecord, SGGetChannelSampleDescription. These are some truly ancient functions, as far as the tech world is concerned, dating back to pre-OS X days.
In addition, the binary also includes the open source libjpeg code, which was last updated in 1998.
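The legacy call names listed above can serve as a static triage heuristic. The following is an added example, not code from the original analysis: it pulls printable strings out of a file's bytes and counts how many of those calls appear as whole symbols. The threshold of 4 and both sample byte strings are assumptions constructed for illustration.

```python
import re

# Legacy QuickTime Sequence Grabber / QuickDraw calls named in the article.
LEGACY_CALLS = {
    "SGGetChannelDeviceList", "SGSetChannelDevice", "SGSetChannelDeviceInput",
    "SGInitialize", "SGSetDataRef", "SGNewChannel", "QTNewGWorld",
    "SGSetGWorld", "SGSetChannelBounds", "SGSetChannelUsage",
    "SGSetDataProc", "SGStartRecord", "SGGetChannelSampleDescription",
}

# Runs of at least 6 printable ASCII bytes, similar to what strings(1) reports.
PRINTABLE_RUN = re.compile(rb"[\x20-\x7e]{6,}")
TOKEN = re.compile(r"[A-Za-z0-9_]+")


def legacy_calls_present(blob: bytes) -> set:
    """Return the legacy call names that appear as whole symbols in blob."""
    found = set()
    for run in PRINTABLE_RUN.finditer(blob):
        # Compare whole tokens so SGSetChannelDevice is not counted when only
        # SGSetChannelDeviceInput is present. Mach-O prefixes C symbols with "_".
        for token in TOKEN.findall(run.group().decode("ascii")):
            name = token.lstrip("_")
            if name in LEGACY_CALLS:
                found.add(name)
    return found


def triage(blob: bytes, threshold: int = 4) -> dict:
    """Flag a file when at least `threshold` distinct legacy calls are present.
    The threshold is an assumption for this example, not a value from the article."""
    found = legacy_calls_present(blob)
    return {"found": sorted(found), "count": len(found), "flag": len(found) >= threshold}


# Constructed sample bytes standing in for a symbol table (not a real sample).
SUSPECT = (b"\xcf\xfa\xed\xfe\x00_SGInitialize\x00_SGNewChannel\x00"
           b"_SGSetChannelDeviceInput\x00_SGStartRecord\x00_QTNewGWorld\x00\xff")
BENIGN = b"\xcf\xfa\xed\xfe\x00_printf\x00_SGInitializeHelper\x00_malloc\x00"

if __name__ == "__main__":
    for label, blob in (("suspect", SUSPECT), ("benign", BENIGN)):
        print(label, triage(blob))
```

A hit is only a reason to look closer, since old but legitimate software can link the same APIs.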