Trojan:OSX/Zweite.A masquerades as a Safari application and when executed, can perform a variety of unauthorized actions.
Trojan:OSX/Zweite.A masquerades as a Safari application.
There are two 'variations' of the trojan: one for Intel Macs and the other for PPC Macs. It also comes with a configurator component for both OS X (Intel) and Windows. The configurator components are detected as Trojan:OSX/Zweite.A and Trojan:W32/Zweite.A respectively.
The malware author claims this trojan is his second OSX malware (hence where the name Zweite, which is German for 'second').
Upon execution, the trojan will attempt to perform a number of actions, which are specified by a text file named 'config.txt'. These actions may be any the following:
Date Created: -
Date Last Modified: -