A backdoor targeting Mac OS X and Linux. Monitors keystrokes, steals not only passwords entered in Opera, Firefox, Chrome, and Chromium but also passwords stored by such applications as Thunderbird, SeaMonkey and Pidgin.
When launched, adds its file into the current user's home directory.
- В MacOS: в папку %home%/WIFIADAPT.app.app
- В Linux: в ~/WIFIADAPT
Establishes a connection to the remote command and control server at 18.104.22.168.
Using Advanced Encryption Standard (AES), verifies the encryption routine for further communication with the server.