Mac malware follows Flashback

By

Trojan targets patched Java vulnerability.

A new Mac trojan has been discovered infecting visitors to a Dalai Lama website.

Mac malware follows Flashback

F-Secure spotted the simple backdoor dubbed Dockster which could log keystrokes. 

It exploited the same patched Java vulnerability (CVE-2012-0507) used by the password-stealing Flashback trojan which infected potentially hundreds of thousands of Macs.

The unofficial Dalai Lama site was also serving a Windows exploit (Trojan.Agent.AXMO) which took advantage of a separate Java vulnerability that was patched with an emergency fix on 30 August.

The malware appeared to be the latest in a string of sustained attacks against Tibetan activists.

The latest versions of Mac OS X were immune from the threat.

"Current versions of Mac OS X and those with their browser's Java plug-in disabled should be safe from the exploit," F-Secure security adviser Sean Sullivan said.

This article originally appeared at scmagazineus.com

Got a news tip for our journalists? Share it with us anonymously here.
Copyright © SC Magazine, US edition
Tags:

Most Read Articles

CBA using facial recognition logins to verify disputed payments

CBA using facial recognition logins to verify disputed payments

Qantas contacted by "potential cyber criminal"

Qantas contacted by "potential cyber criminal"

SA Power Networks tackles IAM, cloud security under five-year strategy

SA Power Networks tackles IAM, cloud security under five-year strategy

Qantas facing 'significant' data theft after cyber attack

Qantas facing 'significant' data theft after cyber attack

Log In

  |  Forgot your password?