OSX/Jahlav-C

Category: Viruses and Spyware Protection available since:21 Aug 2009 20:11:33 (GMT)
Type: Trojan Last Updated:27 Aug 2009 03:39:30 (GMT)
Prevalence: Small Number of Reports

Download Download our free Virus Removal Tool - Find and remove threats your antivirus missed

OSX/Jahlav-C is a Trojan created for the Mac OS X operating system. OSX/Jahlav-C is used to deliver malicious code to the infected computer. The initial installer is distributed as a missing Video ActiveX Object, as described on the SophosLabs blog.

OSX/Jahlav-C creates a malicious shell script file named AdobeFlash in the /Library/Internet Plug-Ins folder and sets it to run periodically. The script contains another shell script in an encoded format which in turn contains a Perl script with the main malicious payload.

The Perl script uses http to communicate with a remote website and download code supplied by the attacker.

download Try Sophos products for free
Download now

© 1997 - 2012 Sophos Ltd. All rights reserved. Legal Privacy