Mokes, Any OS, Any Time!

A recent article by Swati Khandelwal on The Hacker News reports a new form of malware that is taking hold of many machines. Mokes, as it has been dubbed, has been found by Kaspersky to be able to infect all the major operating systems. The article focuses on the Mac side of it, as that was the most recently discovered part.



This form of malware creates a backdoor that can capture camera and keyboard input as well as take screenshots every thirty seconds. It also reportedly has the ability to search for Word document files with a range of extensions. It can even monitor USB insertion and removal.

It is built on Qt, a C++ framework for cross-platform applications. It connects back to a command-and-control server over a channel encrypted with AES-256, a very secure method. As part of its operation, it can take control of the terminal and send it commands.

It has been reported that upon infecting a Mac it copies itself to parts of the filesystem belonging to Skype, Google, Firefox, and even Dropbox. The Linux variant is much less spread out and does not use the Google and Skype locations.

The overall spread of this malware has yet to be determined. It is clearly a very complex program, but it is not believed to be state-funded, nor has any large group claimed it.


-Evan Delmolino edd1717