Category: Viruses and SpywareProtection available since:01 Nov 2010 20:53:33 (GMT)
Type: TrojanLast Updated:01 Nov 2010 20:53:33 (GMT)
Prevalence: Small Number of Reports

Download Download our free Virus Removal Tool - Find and remove threats your antivirus missed

OSX/Hovdy-A is a Trojan for the Mac OS X platform.

When run the Trojan will attempt to install itself to the /Library/Caches folder and perform the following tasks:

  - disable system logging and delete system log files
  - start PHPShell and web server
  - start ARD, VNC and SSH services
  - disable system updates
  - open ports in the firewall
  - disable third party security software
  - install LogKext keylogger
  - steal various password hashes and keys which may be used to compromise other systems

OSX/Hovdy-A will also attempt to use the ARDAgent vulnerability to obtain root access.