Backdoor:OSX/MacKontrol.A connects to a remote server to receive further instructions, without the knowledge or permission from the user.
MacKontrol.A is dropped into the system by malicious Word documents that exploit the vulnerability identified by CVE-2009-0563.
The malware drops the following copy of itself:
It creates the following launchpoint for the file above:
The malware connects tofreetibet2012[...].xicp.com[...] to obtain additional commands.
It is capable of performing the following actions: