Renepo worms in on OS X

By

A new worm known as Renepo is turning off firewalls and other security measures built into Mac OS X.

A new worm known as Renepo is turning off firewalls and other security measures built into Mac OS X.


"Renepo makes such a wide range of security-related changes that all security bets are off once you have been compromised," said Paul Ducklin, Asia Pacific head of technology at anti-virus, anti-spam vendor, Sophos.

The worm can render an infected machine vulnerable to subsequent attacks by disabling security software, downloading hacking tools and making key system directories world-writeable.

"Because Renepo attempts to harvest user, configuration and password data for a wide range of applications, including FTP servers, web servers, browsers, the VNC remote control program and the operating system itself, it represents a huge security headache rolled into a single shell script," Ducklin said.

Renepo's ability to spread is limited as it only replicates across network shares. However Ducklin warned, "You do not want this thing in your OS X network."

The worm has yet to be reported in the wild. Ducklin said there is no immediate danger but suggests that it be a warning for Mac users.

"Hopefully, its existence will be a timely warning to any Mac users who still assume they are safe because the bad guys aren't interested in the Mac platform."

Got a news tip for our journalists? Share it with us anonymously here.
Tags:

Most Read Articles

SA Water plans 'once-in-a-generation' core technology uplift

SA Water plans 'once-in-a-generation' core technology uplift

Ex-student charged over Western Sydney University cyberattacks

Ex-student charged over Western Sydney University cyberattacks

WhatsApp banned on US House of Representatives devices

WhatsApp banned on US House of Representatives devices

Victoria's first government tech chief steps down

Victoria's first government tech chief steps down

Log In

  |  Forgot your password?