...just hours after Microsoft killed the botnet responsible for MacDefender. The botnet of 41 thousand computers, which could have sent 3.8 billion infected e-mails a day, was called Kelihos, or “Waledac 2.0”. Microsoft claims it was responsible for spam messages, ID-theft attacks, pump-and-dump stock scams and websites promoting the sexual exploitation of children. dotFREE Group SRO, John Does 1-22, and an individual, Dominique Alexander Piatti, are said to have owned domains and subdomains that were used to operate and control the Kelihos botnet. Piatti (Czech Republic) has been served notice of the lawsuit.
Trojan-Dropper:OSX/Revir.A is disguised as a Chinese PDF file but actually installs Imuler.A, a backdoor programme used by hackers to gain access to your system.
“The malware then proceeds to install a backdoor, Backdoor:OSX/Imuler.A, in the background. As of this writing, the C&C of the malware is just a bare Apache installation and is not capable of communicating with the backdoor yet. The domain was registered on March 21, 2011 and was last updated on May 21, 2011.
Since this malware sample was received from VirusTotal, we cannot exactly be sure about the method it uses to spread. The most probable way is sending via e-mail attachment. The author could be just testing the water to see if the sample is detected by different AV vendors.”
Until a security update is released, users are advised not to open suspicious files.