Backdoor:OSX/MacKontrol.A connects to a remote server to receive further instructions, without the knowledge or permission from the user.
Find the latest advice in our Community Knowledge Base.
See the manual for your F-Secure product on the Help Center.
Submit a file or URL for further analysis.
MacKontrol.A is dropped into the system by malicious Word documents that exploit the vulnerability identified by CVE-2009-0563.
The malware drops the following copy of itself:
It creates the following launchpoint for the file above:
The malware connects tofreetibet2012[...].xicp.com[...] to obtain additional commands.
It is capable of performing the following actions: