New variant of HellRTS malware emerges

Stephen Withers
Monday, 19 April 2010 09:24

Business IT - Security

A six year old piece of Mac malware has been reborn.

Security vendor Intego is warning of a new variant of the HellRTS malware that dates back to 2004.

HellRTS.D, discovered last week by Intego, is said to be available through a number of online forums. The good news is that the company has not detected any infected Macs in thew wild.

HellRTS.D is not a virus or a worm, but Intego warns that it could be delivered as a Trojan horse - a technique that has proved to be marginally successful in the past. The company also points out the possibility of it being used as the payload of an attack that exploits a vulnerability in a web browser or other Internet application.

Another possibility is that the malware could be distributed as an attachment to spam email.

Intego says the malware has many functions, including sharing the infected system's screen, sending email from its own server (anyone for a spambot?), and providing remote access.

VirusBarrier X5 and X6 detected HellRTS.D from the April 15 update. There's no indication from Sophos or Symantec that their Mac products detect this variant.