A new worm known as Renepo is turning off firewalls and other security measures built into Mac OS X.
"Renepo makes such a wide range of security-related changes that all security bets are off once you have been compromised," said Paul Ducklin, Asia Pacific head of technology at anti-virus, anti-spam vendor, Sophos.
The worm can render an infected machine vulnerable to subsequent attacks by disabling security software, downloading hacking tools and making key system directories world-writeable.
"Because Renepo attempts to harvest user, configuration and password data for a wide range of applications, including FTP servers, web servers, browsers, the VNC remote control program and the operating system itself, it represents a huge security headache rolled into a single shell script," Ducklin said.
Renepo's ability to spread is limited as it only replicates across network shares. However Ducklin warned, "You do not want this thing in your OS X network."
The worm has yet to be reported in the wild. Ducklin said there is no immediate danger but suggests that it be a warning for Mac users.
"Hopefully, its existence will be a timely warning to any Mac users who still assume they are safe because the bad guys aren't interested in the Mac platform."
.png&h=140&w=231&c=1&s=0)
.png&h=140&w=231&c=1&s=0)
.png&w=100&c=1&s=0)
Private AI vs Public AI: How your organisation can securely adopt AI without compromise and excessive cost
iTnews Benchmark Security Awards 2025
Digital Leadership Day Federal
Government Cyber Security Showcase Federal
Government Innovation Showcase Federal
.jpg&h=140&w=231&c=1&s=0)
.jpg&h=140&w=231&c=1&s=0)
