Researchers at security firms ESET and Sophos have issued warnings against a new backdoor Trojan named Tsunami which targets Mac OS X. Tsunami is controlled via IRC and it enables the infected machine to become a bot for Distributed Denial of Service attacks (DDoS). Infected machines will be controlled to flow a website with traffic in a typical DDoS attack.
According to a blog entry by a Sophos researcher, the intriguing aspect of Tsunami lies in its origins as it appears to have been ported from the old Linux Trojan 'Kaiten', which worked in an almost identical manner. The manner in which Tsunami infects a Mac OS X seems to be limited to physical implanting, whereby a hacker sits at the terminal to infect it with the Trojan, or by the terminal's owner own accord to participate in a concerted DDoS attack.
Both security firms have updated their products to detect Tsunami and they strongly advise Mac OS X users to protect themselves and not be complacent.
Mac users are reminded that even though there is far less malware in existence for Mac OS X than for Windows, that doesn't mean the problem is non- existent. You only need to read our short history of Mac malware to realise that.