OSX.Backdoor.Adwind is Mlwarebytes' detection name for a cross-platform remote access tool (RAT) that was written in Java.
Users may notice their webcam is active while they are not using it. On examination they may also find a seemingly ranom named plist file in the user LaunchAgents folder.
OSX.Backdoor.Adwind was distributed by mail as a jar attachment. The backdoor is designed to perform a number of other backdoor activities, such as downloading and executing new malicious files, executing remote commands and sending data from the infected system to a server controlled by the hacker(s).
Download and install the latest version of Malwarebytes for Mac.
Click the “Scan Now” button to perform a system scan.
If threats are detected during the scan, a count of detected threats is displayed. More detailed threat information is displayed after the scan completes.
Click “Confirm” to move the detected threats to Quarantaine.
If a restart is required to complete remediation of threats detected during a scan, you will be notified. When a restart is required, please remember to save all work before clicking “Restart”.
Select your language