New Dangerous Mac Malware Masquerades as File Converter App
https://www.intego.com/mac-security-blo ... teal-data/
" onclick="window.open(this.href);return false;
The new Mac malware
, identified by Intego VirusBarrier as OSX/Eleanor
The malware also installs three agents, which are launched at each startup, in the user’s directory:
The TOR hidden service (allows to access the backdoor web service).
The php web service (the backdoor control panel).
The PasteBin agent (used to store the unique TOR address of the controlled machine into pastebin.com).
If you believe your machine is infected, you can verify the presence of the directory and files mentioned above.