Malware: mokes

Kaspersky Lab first discovered a new piece of malware, dubbed Mokes, in January this year. The backdoor has variants for several operating systems, including Windows, Linux and Mac OS X; all of them are written in C++ on top of Qt, a cross-platform application framework, which is what lets a single code base target all three.

The backdoor specializes in capturing audio and video, logging keystrokes, taking a screenshot every 30 seconds and monitoring removable storage such as USB drives on the victim's machine. It can also scan the file system for documents with the extensions .docx, .doc, .xlsx and .xls. It talks to its command-and-control server over a channel encrypted with AES-256, and it copies itself to a handful of locations, including cache directories belonging to Skype, Dropbox, Google and Firefox, where one more file among an application's own data is unlikely to draw attention.
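As an added example (not code from this page or from Kaspersky Lab's report), the following Python script turns the one persistence detail the page gives, the copies planted in Skype, Dropbox, Google and Firefox cache directories, into a hunt: an application's cache or profile directory should hold data, not native executables, so the script walks assumed per-platform locations of those applications and flags any regular file that starts with an ELF, PE or Mach-O header or carries an executable bit. The directory list, the `DropboxCache` and `places.sqlite` file names and the fixture contents are assumptions constructed for the example, not indicators taken from the page.

```python
"""Hunt for native executables dropped into application cache directories.

Added example, not code from this page or from Kaspersky Lab's report. Mokes
is described as copying itself into cache directories belonging to Skype,
Dropbox, Google and Firefox; the per-platform directories in CACHE_DIRS are
assumptions about where those applications keep user data, and everything
in build_demo_fixture() is constructed demo data, not a real sample.
"""
import os
import stat
import sys
import tempfile
from pathlib import Path

# Magic bytes of native executables on the three platforms Mokes targets.
MAGIC_PREFIXES = {
    b"\x7fELF": "ELF",                 # Linux
    b"MZ": "PE",                       # Windows
    b"\xfe\xed\xfa\xce": "Mach-O 32",  # macOS, big-endian header
    b"\xfe\xed\xfa\xcf": "Mach-O 64",
    b"\xce\xfa\xed\xfe": "Mach-O 32",  # macOS, little-endian header
    b"\xcf\xfa\xed\xfe": "Mach-O 64",
    b"\xca\xfe\xba\xbe": "Mach-O fat",
}

# Assumed user-data locations of the applications named in the report,
# relative to the home directory. Adjust to your environment.
CACHE_DIRS = {
    "darwin": ["Library/Skype", "Library/Dropbox", "Library/Google", "Library/Firefox",
               "Library/Application Support/Skype", "Library/Application Support/Dropbox",
               "Library/Application Support/Google", "Library/Application Support/Firefox"],
    "linux": [".Skype", ".dropbox", ".config/google-chrome", ".cache/google-chrome",
              ".mozilla/firefox", ".cache/mozilla/firefox"],
    "win32": ["AppData/Roaming/Skype", "AppData/Roaming/Dropbox", "AppData/Local/Google",
              "AppData/Roaming/Mozilla/Firefox", "AppData/Local/Mozilla/Firefox"],
}


def classify(path):
    """Return the executable format of `path` judged by its magic bytes, or None."""
    try:
        with open(path, "rb") as fh:
            head = fh.read(4)
    except OSError:
        return None
    for magic, kind in MAGIC_PREFIXES.items():
        if head.startswith(magic):
            return kind
    return None


def cache_dirs_for(home, platform=sys.platform):
    """Candidate cache directories for `platform` under `home` (assumed paths)."""
    key = "linux" if platform.startswith("linux") else platform
    return [Path(home) / rel for rel in CACHE_DIRS.get(key, [])]


def scan_dirs(dirs):
    """Walk each directory; return [(Path, reason)] for files that look executable."""
    hits = []
    for top in dirs:
        if not Path(top).is_dir():
            continue
        for dirpath, _dirnames, filenames in os.walk(top):
            for name in filenames:
                p = Path(dirpath) / name
                try:
                    st = p.lstat()
                except OSError:
                    continue
                if not stat.S_ISREG(st.st_mode):
                    continue  # ignore symlinks, sockets, devices
                kind = classify(p)
                if kind is not None:
                    hits.append((p, kind))
                elif os.name != "nt" and st.st_mode & stat.S_IXUSR:
                    hits.append((p, "exec bit set"))  # scripts, unknown binary formats
    return hits


def build_demo_fixture():
    """Construct a fake macOS-style home directory (demo data, not a real sample)."""
    home = Path(tempfile.mkdtemp(prefix="mokes_demo_"))
    dropbox = home / "Library" / "Dropbox"
    dropbox.mkdir(parents=True)
    # A planted "cache" file that is really a 64-bit Mach-O header plus filler.
    (dropbox / "DropboxCache").write_bytes(b"\xcf\xfa\xed\xfe" + b"\x00" * 60)
    profile = home / "Library" / "Firefox" / "Profiles" / "abc.default"
    profile.mkdir(parents=True)
    # A legitimate-looking data file that must not be flagged.
    (profile / "places.sqlite").write_bytes(b"SQLite format 3\x00" + b"\x00" * 48)
    return home


if __name__ == "__main__":
    target = Path(sys.argv[1]) if len(sys.argv) > 1 else Path.home()
    for path, reason in scan_dirs(cache_dirs_for(target)):
        print(f"{reason:12} {path}")
```

Run it with no arguments to sweep the current user's profile, or pass another home directory (for example a mounted image) as the first argument. Treat the output as a triage list rather than a detection: some of these vendor directories legitimately contain executables (Chrome's updater under Library/Google on macOS, Chrome's own installation under AppData\Local\Google on Windows), so check the code signature and hash of every hit before acting on it. The script does not cover the other behaviours the page describes (the 30-second screenshots, the document scan, the AES-256 C2 channel); those need process and network telemetry rather than a file walk.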

The infection vector and how widespread the malware is remain unknown at this point.
