Calisto
- Type:
- Malware
- Platform:
- Mac OS X
- Last updated:
- 08/01/18 4:26 pm
- Threat Level:
- High
Description
Calisto is a Trojan horse, thought to be a predecessor of Proton malware. It comes disguised as an installer for a legitimate program — an older version of Intego’s antivirus software — in the form of an unsigned DMG file. If a user attempts to install the fake software, they are presented with an interface that closely mimics Intego’s actual product. As part of the installation process, the Trojan requests the user’s login and password information, which is then used by the malware to gain further access to the system. If the Mac has System Integrity Protection (SIP) enabled, Calisto limits its activities to storing password and Keychain data in a special file, along with basic web history and network connection information. But if SIP is not enabled, Calisto is able to do far more: The malware establishes a way to launch itself automatically upon startup, enables remote access to the infected computer, collects additional information, and forwards all stolen data to a command and control server owned by the hackers.
Calisto Threat Removal
MacScan can detect and remove Calisto Malware from your system, as well as provide protection against other security and privacy threats. A 30-day trial is available to scan your system for this threat.