EasyDoc malware adds Tor backdoor to Macs for botnet control

Security firm Bitdefender has issued an alert about a malicious app that hands over control of Macs to criminals via Tor. The software, called EasyDoc Converter.app, is supposed to be a file converter but doesn't do its advertised functions. Instead it drops complex malware onto the system that subverts the security of the …

  1. Youngone Silver badge

    Smugness levels cut among Apple fanbois

    I hadn't noticed. It's early days though I suppose.

  2. Tim99 Silver badge

    You wasted electrons

    I don't think that the sky is falling quite yet. The first choice for this with two search engines is at macupdate.com - The page has one Comment/Review "TheSafeMac Jul 05, 2016 This is malware: OSX.Backdoor.Eleanor"

    It will not install unless the user overwrites their "Security & Privacy" settings to allow installation of apps from anywhere instead of the default restricted setting.

    A simple removal method is here. If you are as paranoid as I am, and still managed to install it, I would recommend the manual method instead of the one that requires a download!

  3. Dieter Haussmann

    Mac users should periodically check the contents of:

    /Users/yourself/Library/LaunchAgents

    /Library/LaunchAgents

    /Library/LaunchDaemons

    Remove anything from these folders with a software name you don't recognise or that should not be starting up when you boot or log on without you knowing or asking it to.

    Even if you delete something bona fide, it won't do any damage, it will just mean something like Adobe Autoupdater or Dropbox won't run automatically until manually run again.
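
An added example, not part of the comment above or of the original article: a read-only Python audit of the three launchd folders the comment lists, reporting what each job actually starts so unfamiliar entries can be reviewed before anything is deleted. The function names and the "hidden path" and "shared location" heuristics are assumptions made for this illustration.

```python
import plistlib
from pathlib import Path

# The three folders named in the comment above ("~" is the logged-in user).
LAUNCH_DIRS = ["~/Library/LaunchAgents", "/Library/LaunchAgents", "/Library/LaunchDaemons"]
# Assumed heuristic, not from the thread: shared, world-writable locations.
SHARED_PREFIXES = ("/tmp/", "/private/tmp/", "/var/tmp/", "/Users/Shared/")


def describe_job(plist_path):
    """Report what one launchd job runs and why it may deserve a closer look."""
    item = {"plist": str(plist_path), "label": None, "program": None, "notes": []}
    try:
        with open(plist_path, "rb") as fh:
            job = plistlib.load(fh)  # reads both XML and binary plists
    except Exception as exc:  # corrupt or non-plist file
        item["notes"].append(f"unreadable plist: {type(exc).__name__}")
        return item
    if not isinstance(job, dict):
        item["notes"].append("top-level object is not a dictionary")
        return item
    args = job.get("ProgramArguments") or []
    program = job.get("Program") or (args[0] if args else None)
    item["label"] = job.get("Label")
    if program is None:
        item["notes"].append("no Program or ProgramArguments")
        return item
    item["program"] = program = str(program)
    if any(part.startswith(".") for part in Path(program).parts):
        item["notes"].append("runs from a hidden path")
    if program.startswith(SHARED_PREFIXES):
        item["notes"].append("runs from a shared, world-writable location")
    if program.startswith("/") and not Path(program).exists():
        item["notes"].append("program file is missing")
    return item


def audit_launch_items(dirs=LAUNCH_DIRS):
    """Describe every *.plist job found in the given folders."""
    items = []
    for d in dirs:
        folder = Path(d).expanduser()
        if folder.is_dir():
            items.extend(describe_job(p) for p in sorted(folder.glob("*.plist")))
    return items


if __name__ == "__main__":
    for item in audit_launch_items():
        mark = "!!" if item["notes"] else "  "
        print(mark, item["plist"], "->", item["program"], "; ".join(item["notes"]))
```

Reading /Library/LaunchDaemons may need elevated privileges for some files; entries the script cannot open are listed as unreadable rather than skipped.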

  4. chivo243 Silver badge

    Gun, foot, self inflicted

    Just install it yourself! Or don't and don't worry, right Alfred?

    https://www.macupdate.com/app/mac/56544/easydoc-converter

    less than 1 star...

  5. John F***ing Stepp

    Now if you just had a good Operating system

    Like this 'sand-bagged' Android, why, you wouldn't have that problem.

  6. Anonymous Coward

    Near-intentional "infection"

    Well, don't take candy from the boogeyman, kids :)

    (Translation: don't allow app installation from _anywhere_ in Security & Privacy settings)

    And maybe use an app firewall like Little Snitch that will ring bells if apps do nasty stuff like calling out when they shouldn't...

  7. Pookietoo

    "transform your laptop into a botnet"

    That sounds like powerful magic.

  8. Mainway

    eh Firewall?

    Do any of the Mac fanbois actually use the BSD firewall, it came included, not like it's worth much considering all their Crypto is already suspect thanks to INTEL "ME" and AMD "PSP" and they probably never even took the time to turn it on or install the "XCode" code-base to be as up-to-date as possible against vulnerabilities.

  9. Anonymous Coward

    So the user installed the malware after downloading some crappy doc converter? So they either entered their admin details or run on an open admin account. No security model can mitigate users being tards. They must have even switched off the known developers filter.
