Newsletter:

Skip Navigation LinksHome > News > Security > Twin Trojans attack Macs

Site Map |

Twin Trojans attack Macs

By Shaun Nichols
23 June 2008 07:41AM
Tags: apple | mac | trojan | malware | intego

Security researchers are warning users of a crop of new malware threats that have appeared for the MacOS in recent days..

The outbreak includes two Trojan applications and a publically disclosed remote code execution vulnerability.

Security firm Intego, which last fall uncovered the Mac 'DNS Changer' trojan, said that it had discovered a new malware threat posing as a poker game.

According to Intego, when the user attempts to launch the application, simply titled 'PokerGame', a dialog box appears asking for the machine's administrator password. When the password is entered, the application executes a script that logs the user's name, password, and IP address, then uploads the stolen data to a remote server.

An attacker would then have the ability to remotely access and control the system, says Intego.

Separately, Intego disclosed a vulnerability in OS X's Remote Management agent which could allow an attacker to remotely execute code with the privileges of the current user. A spokesperson told vnunet.com that the issue has been reported to Apple and no attacks in the wild have been reported as yet.

Meanwhile, fellow security vendor SecureMac reported another OS X trojan. The attack is distributed either an AppleScript known as ASthtv05, or bundled as an application under the AStht_v06. When executed, the script will allow an attacker to remotely access the user's iSight camera, log keystokes, retrieve screen shots and manipulate file sharing settings.

The reports mark the first new malware threats for the MacOS since last fall when a DNS changer trojan was spotted posing as a video codec. Security has long been a top selling point for Apple, as Mac malware has been seen as virtually nonexistent in comparison to the hundreds of thousands of malicious apps currently threatening Windows.

In addition to their own security software, both Intego and SecureMac recommend that users follow best practices of not opening unsolicited or suspicious files.

Copyright © 2008 vnunet.com

   


Ads by Google


Thoughts on this article? Add a comment below.
Be the first to comment on this article.

Report this comment as offensive:

   * Indicates information we require to process your submission.

Name: *
Email: *
Reason for offense: *
Your report will not be displayed.  
Name:
*
 
Email:
(will not be displayed)
*
 
Comment:
(HTML not permitted)
*
 
Validation
*

Enter the code you see below:

 

 
 
 
 
 


 
Tripwire - Click here to win an iTouch



Tags

apple attack flaws iphone ipod itunes leopard mac macbook malware microsoft patch patches quicktime security spam store trojan update windows


Product Reviews

AdventNet ManageEngine
Star Rating
The AdventNet Manage-Engine Password Manager Pro provides a complete system for password management in one...
Cyber-Ark Software Enterprise Password Vault
Star Rating
The Cyber-Ark Enterprise Password Vault, or EPV, is a high-end password management powerhouse.
Hitachi ID Systems ID-Archive
Star Rating
The Hitachi ID-Archive sets its focus on password randomisation.
Lieberman Software Enterprise Random PM
Star Rating
The Lieberman Software Enterprise Random Pass­word Manager is a full-on password manager and randomiser for...
Proginet Corporation SecurForce
Star Rating
Proginet SecurForce is a little bit of a horse of a different color for this month's Group Test.
Unified Communications Podcast Centre

TopTopics
(6657) -  internet
(6420) -  iinet
(6395) -  copyright
(6395) -  afact
(5993) -  servers
(5993) -  mipi
(4821) -  telstra
(4506) -  broadband
(4449) -  nbn
(2962) -  internode
(2508) -  microsoft
(1887) -  network
(1478) -  data
(1434) -  software
(1369) -  google