New Mac OS Trojan Seen in the Wild

In the world of cyber crime, team of security analysts have spotted a new Mac Trojan infection in wild that is capable to compromise almost all Systems executing on Apple Inc. including Mac OS X 10.4 or 10.5. The name of the recently identified Mac Trojan is Calisto which can be identified as the new variant of Mac malware Proton.

New Mac OS Trojan

Information That You Must Know About New Mac OS Trojan

According to the malware researchers, first of all malware was uploaded to the VirusTotal way back in 2016. As per the security researchers opinion, Calisto may be the precursor to Proton and it made the InfoSec headlines in year 2017. Calisto is usually spread via fake Intego Mac Internet Security X9 installer. The delivery method of this malware is similar to the Proton’s. But bear in you mind that it is not only method through which the authors of Calisto infects System users.

The malware was seen in wild when DVD ripping tool Handbrake was hacked to spread the Proton in May 2017 later it was seen again in the October 2017 that followed the hacked of Eltima Software site. The delivery method is not an evidence to prove3 the link between Proton and Calisto. The known member of Proton malware family were spread and discovered in 2017 while The Calistro was not detected later that 2016.

Judged in it’s behavior and activities, most of the security analyst assume that it could be the first variant of Backdooor.OSX.Proton or the Proton or prototype. It is supported by the huge number of unused and not completely implemented functions. Similar to the Proton, Calisto is also capable to steal the large amount of user’s personal data.

Related News: Mac Crypto-Mining Virus Spread Via MacUpdate

Know About The Behavior of Calisto’s

Luckily, Calisto can be described as the dead in water because it no longer exists. But the addition of SIP to Mac OS X 10.11 on the September 30, 2018 caused too much issues for Calisto. Actually SIP stands for System Integrity Protection, it is a security feature that compromises the number of mechanisms enforced by kernel. SIP pretends itself as a useful one that claims to deliver lots of beneficial feature. It claims to protect the System owned files and the directories . Despite of all facts, Calisto is capable to make several modifications to SIP protected locations and the functionality of System.

Some of the System users take Calisto malware in light but they have no idea that it is unable to perform some of its duties. It is capable to steal users personal as well as password related files like other variants of Proton. Therefore. The deletion of Calisto is highly recommended from compromised or infected machine.

Ways Through Which Defend Mac System Against Calisto

  1. Be ware while surfing web and doing online operation.
  2. Use only legitimate sources to download and install any freeware packages.
  3. Don’t use any contaminated device to transfer data.
  4. Don’t open any spam campaigns or junk mail attachment sent to your inbox from unknown sender.
  5. Keep your installed application and Security software up-to-date.
  6. Always scan your Mac System on regular basis etc.

Leave a Comment

Your email address will not be published. Required fields are marked *