We’ve talked in the past about trying to beef up the OS X (Darwin) coverage by 
RKHunter and this one would seem to be a perfect opportunity:
<http://www.fireeye.com/blog/technical/malware-research/2014/09/forced-to-adapt-xslcmd-backdoor-now-on-os-x.html>.
There’s a lot of detail about what files are found where in the Appendix.

A sample of the executable can be found on VirusTotal if you have privileges
there:
<https://www.virustotal.com/en/file/1db30d5b2bb24bcc4b68d647c6a2e96d984a13a28cc5f17596b3bfe316cca342/analysis/>


-Al-
-- 
Al Varnell
Mountain View, CA





_______________________________________________
Rkhunter-users mailing list
Rkhunter-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/rkhunter-users
