‘Eleanor’ malware spies on and takes control of Macs
A newly discovered malware capable of cyberespionage and remote takeover is targeting Mac computers, delivering its payload by opening up a backdoor connection to a command-and-control (C&C) web server via the encrypted Tor network.
Named Eleanor (or Backdoor.MAC.Eleanor), the malware arrives disguised as a drag-and-drop file conversion application called the EasyDoc Converter, which is found on many credible third-party sites, according to an analysis from Bitdefender, whose security researchers uncovered the malware.
In reality, the program’s true purpose is far more malevolent, granting cybercriminals or cyberspies a backdoor connection that allows them to manipulate files, execute commands and scripts (including at the root level), penetrate firewall defenses, administer databases, discover applications running on a machine, and send emails with attached files.
The malware also uses a webcam control panel tool to capture images and videos from built-in webcams, as well as a daemon agent that collects infection information, fetches and updates computer files, and executes shell scripts, Bitdefender reported.