Mac OS X crimeware kit found on underground forums

Danish IT security vendor CSIS Security Group is warning Mac users to expect an avalanche of new information-stealing malware attacks after discovering what it claims to be the first crimeware kit aimed at the Mac OS X platform being traded on underground forums.

The authors of the kit are trying to keep a low profile, but it is being sold under the name Weyland-Yutani BOT and is already fully operational, according to CSIS.

"In the same way as several other DIY crimeware kits designed for PCs, this tool consists of a builder, an admin panel and supports encryption," wrote CSIS partner Peter Kruse in a blog post.

"The Weyland-Yutani BOT supports web injects and form grabbing in Firefox; however both Chrome and Safari will soon follow. The web injects templates are identical to the ones used in Zeus and Spyeye."

The first version of the kit is being sold on several forums for $1,000, he added.

Hacking kits designed for PCs have already spread far and wide on the web's underground forums and have been widely held responsible for the growing threats from malware such as the banking information stealing ZeuS Trojan.

"CSIS finds this crimekit to be quite disturbing news since Mac OS previously to some degree has been spared from the increasing amount of malware which has haunted Windows-based systems for years," said Kruse.

"This could have resulted in a false sense of security that might make Mac OS users especially vulnerable to a sudden and highly sophisticated attack. "

The bad news may not end there for Apple fans, with cyber criminals reportedly developing similar attack kits for the iPad, as well as Linux machines, he added.