Mac malware follows Flashback

By

Trojan targets patched Java vulnerability.

A new Mac trojan has been discovered infecting visitors to a Dalai Lama website.

Mac malware follows Flashback

F-Secure spotted the simple backdoor dubbed Dockster which could log keystrokes. 

It exploited the same patched Java vulnerability (CVE-2012-0507) used by the password-stealing Flashback trojan which infected potentially hundreds of thousands of Macs.

The unofficial Dalai Lama site was also serving a Windows exploit (Trojan.Agent.AXMO) which took advantage of a separate Java vulnerability that was patched with an emergency fix on 30 August.

The malware appeared to be the latest in a string of sustained attacks against Tibetan activists.

The latest versions of Mac OS X were immune from the threat.

"Current versions of Mac OS X and those with their browser's Java plug-in disabled should be safe from the exploit," F-Secure security adviser Sean Sullivan said.

This article originally appeared at scmagazineus.com

Got a news tip for our journalists? Share it with us anonymously here.
Copyright © SC Magazine, US edition
Tags:

Most Read Articles

Phishing attack nets enormous npm supply chain compromise

Phishing attack nets enormous npm supply chain compromise

Service NSW centralises security, networking in mammoth CloudOps overhaul

Service NSW centralises security, networking in mammoth CloudOps overhaul

VicRoads to phase out passwords in favour of passkeys

VicRoads to phase out passwords in favour of passkeys

Apple adds "mercenary spyware" protection to new A19 chip

Apple adds "mercenary spyware" protection to new A19 chip

Log In

  |  Forgot your password?