Dubbed Crisis, the malware is particularly nasty because it does not need any user help to install itself and can hide from virus protection and detection applications. The trojan runs on OS X 10.6 and 10.7 and continues to run after system reboots. If the Mac user has root access, Crisis will install additional components which make it even harder to find.
Intego’s Lysa Myers said that the trojan was written in such a way as to make it difficult to reverse engineer. While this anti-analysis technique is common in Windows malware, it is relatively rare in OS X malware. It indicates that the malware writers are stepping up their game when it comes to Macs.
Once installed, the malware contacts IP address 18.104.22.168 every five minutes while awaiting instructions. You can catch the malware by visiting dodgy sites. One Apple fanboy, when warned of the threat, said that it was not a virus; only Windows users get viruses, so he had nothing to worry about.
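
A check-in to one address every five minutes is a regular pattern that a defender can look for in connection logs. The following is an added example, not part of the original article: it flags host and destination pairs whose connection gaps cluster around 300 seconds. The log format, thresholds, host names and addresses are constructed assumptions.

```python
from collections import defaultdict
from statistics import median, pstdev

BEACON_PERIOD = 300   # seconds; "every five minutes" per the article
TOLERANCE = 30        # assumed allowance for jitter around the period
MIN_EVENTS = 6        # assumed minimum connections before judging a pair


def sample_log():
    """Constructed sample: (epoch_seconds, source_host, destination_ip).

    203.0.113.10 and 198.51.100.7 are documentation-range placeholders.
    """
    # Regular check-ins with a second or two of jitter.
    log = [(1000 + 300 * i + (i % 3), "mac-01", "203.0.113.10") for i in range(12)]
    # Ordinary browsing: irregular gaps to another address.
    log += [(t, "mac-01", "198.51.100.7")
            for t in (1010, 1015, 1400, 1420, 2900, 3000, 4100)]
    # Too few events to judge either way.
    log += [(t, "mac-02", "203.0.113.10") for t in (1000, 1300, 1600)]
    return log


def find_beacons(log, period=BEACON_PERIOD, tol=TOLERANCE, min_events=MIN_EVENTS):
    """Return (src, dst, median_gap, spread) for pairs that look periodic."""
    times = defaultdict(list)
    for ts, src, dst in log:
        times[(src, dst)].append(ts)

    hits = []
    for (src, dst), stamps in sorted(times.items()):
        if len(stamps) < min_events:
            continue
        stamps.sort()
        gaps = [b - a for a, b in zip(stamps, stamps[1:])]
        med = median(gaps)
        spread = pstdev(gaps)
        # Periodic callbacks: median gap near the period and little variation.
        if abs(med - period) <= tol and spread <= tol:
            hits.append((src, dst, med, round(spread, 1)))
    return hits


if __name__ == "__main__":
    for src, dst, med, spread in find_beacons(sample_log()):
        print(f"{src} -> {dst}: median gap {med}s, spread {spread}s")
```
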