Backdoor:OSX/Olyx.A connects to a remote server to receive further instructions, without knowledge or permission from the user.
Find the latest advice in our Community Knowledge Base.
See the manual for your F-Secure product on the Help Center.
Submit a file or URL for further analysis.
On installation, the malware drops and executes the following:
This component connects to a hard-coded IP address (located in Korea) to get additional commands.
The following launchpoint is created for the dropped file:
The trojan also replace the following file with a copy of itself: