OSX/Tsunami [Threat Name] go to Threat
OSX/Tsunami.A [Threat Variant Name]
|Signature database version||6573 (Oct 25, 2011)|
The trojan serves as a backdoor. It can be controlled remotely.
The trojan does not create any copies of itself.
In order to be executed on every system start, the trojan creates the following file:
The trojan acquires data and commands from a remote computer or the Internet.
The trojan connects to the following addresses:
The IRC protocol is used.
It can execute the following operations:
- download files from a remote computer and/or the Internet
- perform DoS/DDoS attacks
The trojan contains the following text:
- Kaiten wa goraku