Backdoor:OSX/Olyx.C connects to a remote server to receive further instructions, without the knowledge or permission from the user.
Olyx.C is dropped into the system by malicious Word documents that exploit the vulnerability identified by CVE-2009-0563.
The malware drops the following copy of itself:
It creates the following launchpoint for the file above:
The malware connects to a2012[...].slyip.net[...] to obtain additional commands.
The backdoor is capable of performing the following actions: