Morcut malware – aka Crisis – was apparently specifically coded to spy on infected Mac OS X users
by hijacking video and audio data.
According to Sophos Security researchers, OSX/Morcut-A also includes hooks to control and monitor the following operations:
– Mouse coordinates
– Instant messages
– Location
– Clipboard contents
– Key presses
– Running applications
– Web URLs
– Screenshots
– Calendar data & alerts
– Device information
– Address book contents
“In short, if this malware managed to infect your Mac computer it could learn an awful lot about you, and potentially steal information which could read your private messages and conversations, and open your email and other online accounts,” Sophos analyst Graham Cluley confirmed.
Fortunately, Morcut hasn’t been spotted in the wild – yet. As such, the threat is categorized as relatively low.
Nevertheless, warns Cluley, the complexity of the Morcut malware is yet another indication that malicious software on the Mac is becoming more serious – and designed to make money at your expense.
“If you haven’t already done so, you really should run anti-virus software on your Mac. The software in the Mac App Store is (unfortunately) not up to the job, as it doesn’t include the real-time component essential to scan every file (and thus every potential threat) as it is opened,” he added.
