Hacking toolkit for Apple gear released

Apple has finally been accepted into the realms of real computing as hackers have developed a tool-kit to take the expensive shiny toys to the cleaners.

For years, hackers could not be bothered with developing tools to hack Macs because it required the knowledge of a different language and the best you would find was a Coldplay collection. And shedloads of outbox emails attacking non-believing heretics.

Last week, we revealed malware was circulating which created porn pop-ups. The Apple community said that this was not malware because it required people to actually download it. You can see how far behind some Apple fans are when it comes to security research.

The Danish IT-security company CSIS Security Group has said that it has discovered the first advanced DIY (Do-It-Yourself) crimeware kit aimed at the Mac OS X platform.

Detailed information about the crimeware kit is not being leaked publicly, and it has just appeared on a few dodgy hacker forums. The writers of the kit are allowing some forums to see the content and they are strictly vetted before they are allowed in.

The kit works the same way as DIY crimeware kits designed for PCs. It consists of a builder, an admin panel and supports encryption and web injects.

It is being flogged under the name Weyland-Yutani BOT. A dedicated iPad and Linux release are under preparation as well.

At the moment the attack vector is Firefox; however both Chrome and Safari will soon follow. The method used is similar to the Zeus botnet software.

Videos of the kit show that it is fully operational and available for anyone who wants to pay a licence of 1,000 WMZ/LR. That’s about $982 in real money.

Security outfit CSIS said that the development of the crimekit is quite disturbing news, since MacOS previously – to some degree – has been spared from the increasing amount of malware which has haunted Windows-based systems for years.

“This could have resulted in a false sense of security that might make Mac OS user especially vulnerable to a sudden and highly sophisticated attack,” the outfit wrote on its bog.

Here is a video: