NetWeirdRC is a commercial backdoor tool targeting Mac OS X 10.6 and later, as well as Windows, Linux and Solaris, according to Intego. The product is sold for US$60 in the malware world, relatively cheap in comparison to the OSX/Crisis malware that was being sold for €200,000 ($240,000).
It’s a commercial remote access tool, that after installation, calls home to the IP address 188.8.131.52 on port 4141 and awaits instructions. Then it carries out functions including installing files, gathering system information, stealing browser passwords and grabbing screen shots.
In addition, it said, the malware can "harvest stored and encrypted usernames and passwords from Opera, Firefox, SeaMonkey, and Thunderbird browsers and mail clients." It's able to infect Apple OS X (versions 10.6 and newer), Linux, Solaris, and Windows systems.
About the author