BlackHole is a variant of a well-known Remote Access Trojan (RAT) for Windows known as darkComet.
“Hello, Im the BlackHole Remote Administration Tool.
I am a Trojan Horse, so i have infected your Mac Computer.
I know, most people think Macs can’t be infected, but look, you ARE Infected!
I have full controll over your Computer and i can do everything I want, and you can do nothing to prevent it.
So, Im a very new Virus, under Development, so there will be much more functions when im finished.
But for now, it’s okay what I can do?”
This message is displayed in a full-screen window with a reboot button, blocking the user’s screen.
As even the malware itself admits, it is not yet finished, but it could be indicative of more underground programmers taking note of Apple’s increasing market share.
- Remote execution of shell commands.
- Opens a URL using the victim’s default browser.
- Sends a message which is displayed on the victim’s screen.
- Creates a text file.
- Performs shutdown, restart and sleep operations.
- Pops up a fake “Administrator Password” window to phish the target.