Ventir: New Mac malware, Trojan Horse

As reported by The Safe Mac here, and Kapersky Labs here, a new trojan horse “Ventir” has been discovered which infects Macintosh OSX.  The vector for infection has not been determined, but the Ventir installer must be run, either as part of another program installer or as a trojan horse (masquerading as something else).  It has two methods of installation, including one which will continue to infect the Mac even if Administrative privilege is denied after the installer starts.

The malware is called a modular malware program, there are two known components – it acts as a keylogger, capturing your keystrokes and sending them, plus it opens a back door for installation of other malware. Because at this point it isn’t known what this “Dropper” component may install, the indicated disinfection for a compromised machine is “nuke-and-pave”, or complete reformatting of the hard drive and re-installation of OSX and your programs from known-clean sources such as your original DVDs or installer files.

According to reports, ESet antivirus software has signatures for this malware, and Apple are working on an XProtect update.

This entry was posted in Computer Questions and Answers, Mac questions, News, Security, Viruses and malware and tagged , , , , , , , , , . Bookmark the permalink.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.