Macs under attack from trojan double whammy

Two new threats in a week spark worries of approaching Mac malware era.

Users of Apple Mac systems have so far received only minimal attention from malware creators, but some security analysts say they may need to take more care in future. The exposure of a significant vulnerability in the operating system and the release of two effective trojans within a week have left some pondering the possible advent of major malware problems for the Mac world.

The most significant threat comes from a trojan toolkit posted online, whose AppleScript source is designed to be hidden in any genuine application. Once running, it attempts to exploit several known vulnerabilities, including a recently disclosed privilege escalation flaw, to install keyloggers and remote access tools. While the developers of the trojan have apparently claimed that it was intended merely as a proof of concept, Mac security specialist SecureMac reports sightings of several variants in the wild, and with the source available and designed to be modular for easy adaptation, it seems likely that more will follow.

A second, less potent threat was also spotted targeting Mac users last week, relying on social engineering rather than system vulnerabilities to obtain admin credentials on target systems. Having persuaded victims to provide passwords, the malicious program then passes them on to a central point along with other system data.

An initial post on the AppleScript trojan toolkit is at SecureMac here, with more analysis and investigation on the SecurityFix blog here and in the Register here.

30 June 2008

Tags: apple, exploit, mac, trojan, vulnerability.

2 comments

It can't be true, Macs are completely secure, right? Right?

by AgITguy, 01 July 2008, 16:03

To quote from the Bulletin 'THE STUPIDITY OF A GREAT NUMBER OF USERS CANNOT BE BEATEN' --

Both these threats count on the users, and I am sure that using OSX does not confer any more common sense on the user than using any other OS -- compounded by Mac users being convinced that they are immune to threats and Apple's bizarre decision to allow AppleScript to run as root, for "convenience".

by Andy Fisk, 02 July 2008, 14:07
