Source: Help Net Security
In this article “A new Mac Trojan – dubbed Crisis or Morcut – has been spotted but, luckily, not in the wild.
Security firms Intego and Sophos have picked up samples from Virus Total, which shares the samples submitted to it with AV developers, and the fact that it could be found only there shows that the threat is extremely low risk.
Nevertheless, the malware itself is far from harmless.
It can compromise the last two version of Apple’s OS X (10.6 and 10.7) and it doesn’t require a password to be entered to do it.
“The Trojan preserves itself against reboots, so it will continue to run until it’s removed,” Intego researchers explained. “Depending on whether or not the dropper runs on a user account with Admin permissions, it will install different components.”