Beware Mac OS X Users! Komplex Trojan Ahead!

Security researchers at Palo Alto Networks have found a new Trojan. Its authors developed it specifically to target the aerospace industry. The Trojan is named Komplex. It is capable of executing, downloading and deleting files on an infected Mac. It is a complete set of malicious tools that can anonymously communicate with its authors through command and control servers. The hackers target Mac users with a PDF document, which they send as an email attachment. When a user clicks on the malicious link to open that file, he or she is actually allowing the Trojan to run remote commands.

How Does the Komplex Trojan Work?

According to security researchers, the Komplex Trojan saves a PDF document on infected Mac systems. This PDF document contains information about Russian space programs. In reality, the document is just a trap: the hackers behind the Trojan use it to divert victims elsewhere. The Trojan works as spyware and collects information about the infected Mac system. Komplex can steal information about the current version of Mac OS X, details of user accounts and all currently running programs. Komplex sends this information to its creators through command and control servers. By analyzing this information, the hackers could send malicious commands as well. The hackers may be familiar with unknown security vulnerabilities of MacKeeper Antivirus software of Apple and may be exploiting them by writing malicious code into the Komplex Trojan.

Who is the author of this Trojan?

Palo Alto's security researchers have said that this Trojan might have been developed by the Russian hacking team named the Sofacy Group. The code of this Trojan is similar to another piece of malware called Carberp. Carberp was developed by hackers to target United States officials through email phishing attacks. To develop the Komplex Trojan, the hackers used the same malicious scripts and designs that they had used earlier to develop Carberp. The researchers detected backend logs showing that this Trojan also interacts with two domains, www.apple-iclouds.net and www.itunes-helper.net.

According to security experts, this hacking group is one of the best hacking teams in the world. It has performed a number of high-profile hacks; the hack of the Democratic National Committee's systems is one of the biggest examples. It is still not clear how many systems have been infected by the Komplex Trojan, but the hackers are spreading it very fast with the help of social engineering and phishing attacks.
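
As an added example (not from the original article or from Palo Alto Networks), the following Python code checks DNS query logs for the two domains named above and lists which clients looked them up. The log line format, client addresses and sample entries are constructed assumptions; adapt the pattern to your resolver's real format.

```python
import re

# Domains the article reports the Komplex Trojan interacting with.
KOMPLEX_DOMAINS = {"apple-iclouds.net", "itunes-helper.net"}

# Assumed (constructed) log format: "<timestamp> <client-ip> query: <name> <type>"
LINE_RE = re.compile(r"^(\S+)\s+(\S+)\s+query:\s+(\S+)\s+(\S+)$")


def normalize(name):
    """Lower-case a DNS name and drop the trailing root dot."""
    return name.strip().lower().rstrip(".")


def matches_ioc(name, iocs=KOMPLEX_DOMAINS):
    """True if name is a listed domain or a subdomain of one."""
    labels = normalize(name).split(".")
    # Compare label-aligned suffixes only, so 'www.apple-iclouds.net' matches
    # but 'notapple-iclouds.net' and 'apple-iclouds.net.example.com' do not.
    return any(".".join(labels[i:]) in iocs for i in range(len(labels)))


def find_hits(lines):
    """Return {client_ip: sorted list of matched names} from log lines."""
    hits = {}
    for line in lines:
        m = LINE_RE.match(line.strip())
        if not m:
            continue  # skip lines that do not fit the assumed format
        _, client, name, _ = m.groups()
        if matches_ioc(name):
            hits.setdefault(client, set()).add(normalize(name))
    return {client: sorted(names) for client, names in hits.items()}


# Constructed sample log lines (not real telemetry).
SAMPLE_LOG = [
    "2024-01-01T10:01:02Z 10.0.0.5 query: www.apple-iclouds.net A",
    "2024-01-01T10:01:05Z 10.0.0.5 query: WWW.ITUNES-HELPER.NET. A",
    "2024-01-01T10:02:00Z 10.0.0.7 query: www.apple.com A",
    "2024-01-01T10:02:10Z 10.0.0.8 query: notapple-iclouds.net A",
    "2024-01-01T10:02:30Z 10.0.0.9 query: apple-iclouds.net.example.com AAAA",
    "malformed line without the expected fields",
]

if __name__ == "__main__":
    for client, names in find_hits(SAMPLE_LOG).items():
        print(f"{client} queried: {', '.join(names)}")
```

A hit identifies a host worth investigating, not a confirmed infection.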

Security Tips for Mac OS X Users