A backdoor targeting OS X and Linux. Monitors keystrokes, steals not only passwords entered in Opera, Firefox, Chrome, and Chromium but also passwords stored by such applications as Thunderbird, SeaMonkey, and Pidgin.
When launched, adds its file into the current user's home directory.
OS X: %home%/WIFIADAPT.app.app
Establishes a connection to the remote command and control server at 220.127.116.11.
Using Advanced Encryption Standard (AES), verifies whether a connection to the command and control server is established or not.