Renepo worms in on OS X

By

A new worm known as Renepo is turning off firewalls and other security measures built into Mac OS X.

A new worm known as Renepo is turning off firewalls and other security measures built into Mac OS X.


"Renepo makes such a wide range of security-related changes that all security bets are off once you have been compromised," said Paul Ducklin, Asia Pacific head of technology at anti-virus, anti-spam vendor, Sophos.

The worm can render an infected machine vulnerable to subsequent attacks by disabling security software, downloading hacking tools and making key system directories world-writeable.

"Because Renepo attempts to harvest user, configuration and password data for a wide range of applications, including FTP servers, web servers, browsers, the VNC remote control program and the operating system itself, it represents a huge security headache rolled into a single shell script," Ducklin said.

Renepo's ability to spread is limited as it only replicates across network shares. However Ducklin warned, "You do not want this thing in your OS X network."

The worm has yet to be reported in the wild. Ducklin said there is no immediate danger but suggests that it be a warning for Mac users.

"Hopefully, its existence will be a timely warning to any Mac users who still assume they are safe because the bad guys aren't interested in the Mac platform."

Got a news tip for our journalists? Share it with us anonymously here.
Tags:

Most Read Articles

India's alarm over Chinese spying rocks CCTV makers

India's alarm over Chinese spying rocks CCTV makers

Hackers abuse modified Salesforce app to steal data, extort companies

Hackers abuse modified Salesforce app to steal data, extort companies

Cyber companies hope to untangle weird hacker codenames

Cyber companies hope to untangle weird hacker codenames

Woolworths' CSO is Optus-bound

Woolworths' CSO is Optus-bound

Log In

  |  Forgot your password?