Newsletters
Customer Relationship Management News NewsFactor Sites:       NewsFactor.com     Enterprise Security Today     CRM Daily     Business Report     Sci-Tech Today  
   
Home CRM Systems Customer Service Business Intelligence Sales & Marketing More Topics...
APC Free White Paper
Optimize your network investment &
Enter to win a Samsung Galaxy Note

www.apc.com
Computing
24/7/365 Network Uptime
Average Rating:
Rate this article:  
Attention, Macs! More Trojan Malware Is Gunning for You
Attention, Macs! More Trojan Malware Is Gunning for You

By Barry Levine
April 16, 2012 10:58AM

Bookmark and Share
The Flashback Trojan and MacDefender, combined with this latest Trojan malware, could represent a turning point in Mac's reputation for security. While there had previously been demonstrations of Mac-targeted proof-of-concept viruses, as well as Office macro viruses and several other minor threats, Macs were generally ignored as a security target.
 


If you still harbor the delusion that Macs are relatively impervious to malware, yet another Mac-targeted attack should disabuse you of that notion. A security firm has located another Trojan that is designed for OS X, and, like another recent Trojan, it uses vulnerabilities in Java.

The newly discovered Trojan, called Backdoor.OSX.SabPub.a, allows the attacker to connect the infected machine to a Web site that can commandeer the Mac's operations, enabling remote execution of commands.

Under Development?

Kaspersky Lab's Costin Raiu, who reported the new Trojan on Saturday, noted on the company's SecureList blog that its "Java exploits appear to be pretty standard," but added that they have "been obfuscated using ZelixKlassMater" in order to avoid detection from anti-malware products.

Raiu said that it is currently unclear how many machines have been infected by this Trojan, but he noted that the backdoor functionality and other factors indicate that "it is most likely used in targeted attacks." He noted several reports that suggest the attack was "launched through e-mails containing a URL pointing to two Web sites hosting the exploit, located in U.S. and Germany."

Raiu also said that this Trojan's backdoor "has been compiled with debug information," which makes analysis easy and could indicate it is still under development.

Raiu has recommended 10 tips for boosting Mac security. These include creating a non-administrator account for everyday activities, using a sandboxed-Web browser such as Chrome, uninstalling the standalone Flash Player, uninstalling Java or at least disabling it in browsers, and using Office 2011 instead of 2008.

Flashback Malware Removal Tool

He also recommends using Mac's built-in Keychain password manager, enabling full disk encryption or FileVault, upgrading to Adobe Reader 10 or later, and installing a good security solution. For the latter, as might be expected, Raiu recommends Kaspersky Anti-Virus for Mac.

On a related front, Apple on Friday released the Flashback malware removal tool, in addition to the Java update it issued last week.

Earlier this month, Russian security firm Dr. Web said that more than 500,000 Macs had been infected by a Flashback Trojan, meaning that about 1 percent of the total installed base of Apple computers had been hit.

Some observers think the Flashback Trojan was created by the developers of last year's MacDefender attack. The Flashback Trojan is a drive-by download, which uses a Java vulnerability in Java-enabled browsers to install itself without user intervention.

The Flashback Trojan and MacDefender could represent a turning point in Mac's reputation for security. While there had previously been demonstrations of Mac-targeted proof-of-concept viruses, as well as Office macro viruses and several other minor threats, Macs were generally ignored as a target in favor of Windows, a much bigger target.

Charles King, an analyst with Pund-IT, noted that Microsoft has an "ongoing relationship" with Java owner Oracle, and so can pinpoint a Java-related problem and supply a fix relatively quickly.

But Apple, King said, "apparently doesn't have that kind of relationship with Oracle," and Apple's response "took longer" than was needed. In the future, with the prospects of more Mac-targeted attacks looming, King said the computer maker needs to respond "more transparently" and more quickly if it doesn't want to lose customers, particularly in enterprises.
 

Tell Us What You Think
Comment:

Name:

LP Bowden:

Posted: 2012-04-24 @ 6:33am PT
I find the 10 tips beyond my comprehension and ability to execute!
Need much simpler advice.



APC has an established a reputation for solid products that virtually pay for themselves upon installation. Who has time to spend worrying about system downtime? APC makes it easy for you to focus on business growth instead of business downtime with reliable data center systems and IT solutions. Learn more here.


 Computing
1.   IBM Adds Disaster Recovery to SoftLayer
2.   Mark Hurd's 5 Keys to Market Success
3.   How To Beat the Heartbleed Bug
4.   OpenSSL Calls for More Support
5.   VMware Rolls Out DR-as-a-Service


advertisement
Don't Reset Passwords for Heartbleed?
Added caution needed to ensure security.
Average Rating:
Last Fixes Tuesday for XP, Office 2003
Microsoft closing out support for two.
Average Rating:
Tech 101: What Is Open Source?
Foundation of countless applications.
Average Rating:


advertisement
Product Information and Resources for Technology You Can Use To Boost Your Business

Network Security Spotlight
IBM Offers Security, Disaster Recovery as SoftLayer Service
New disaster recovery and security services for SoftLayer clients are being added by IBM. Big Blue said the new capabilities will speed cloud adoption by alleviating concern over business continuity.
 
How To Beat the Heartbleed Bug
Heartbleed headlines continue as IT admins scramble for answers no one has. Early reports of stolen personal data, including 900 social insurance numbers in Canada, are starting to trickle in.
 
After Heartbleed, OpenSSL Calls for More Support
The president of the OpenSSL Foundation says more support is needed from companies and governments that use its software so that it can better spot and fix flawed pieces of code such as Heartbleed.
 

Enterprise Hardware Spotlight
Vaio Fit 11A Battery Danger Forces Recall by Sony
Using a Sony Vaio Fit 11A laptop? It's time to send it back to Sony. In fact, Sony is encouraging people to stop using the laptop after several reports of its Panasonic battery overheating.
 
Continued Drop in Global PC Shipments Slows
Worldwide shipments of PCs fell during the first three months of the year, but the global slump in PC demand may be easing, with a considerable slowdown from last year's drops.
 
Google Glass Finds a Home in Medical Education, Practice
Google Glass may find its first markets in verticals in which hands-free access to data is a boon. Medicine is among the most prominent of those, as seen in a number of Glass experiments under way.
 

Mobile Technology Spotlight
Amazon 3D Smartphone Pics Leaked
E-commerce giant Amazon is reportedly set to launch a smartphone after years of development. Photos of the phone, which may feature a unique 3D interface, were leaked by tech pub BGR.
 
Zebra Tech Buys Motorola Enterprise for $3.45B
Weeks after Lenovo bought Motorola Mobility’s assets from Google for $2.91 billion, Zebra Technologies is throwing down $3.45 billion for Motorola’s Enterprise business in an all-cash deal.
 
CTIA Caves, Volunteers Kill Switch Plan
After bucking against the concept of a smartphone kill switch, the CTIA just announced the “Smartphone Anti-Theft Voluntary Commitment” to thwart smartphone thefts in the U.S.
 

Navigation
CRM Daily
Home/Top News | CRM Systems | Customer Service | Business Intelligence | Sales & Marketing | Contact Centers | Customer Data | CRM Press Releases
NewsFactor Network Enterprise I.T. Sites
NewsFactor Technology News | Enterprise Security Today | CRM Daily

NewsFactor Business and Innovation Sites
Sci-Tech Today | NewsFactor Business Report

NewsFactor Services
FreeNewsFeed | Free Newsletters | XML/RSS Feed

About NewsFactor Network | How To Contact Us | Article Reprints | Careers @ NewsFactor | Services for PR Pros | Top Tech Wire | How To Advertise

Privacy Policy | Terms of Service
© Copyright 2000-2014 NewsFactor Network. All rights reserved. Article rating technology by Blogowogo. Member of Accuserve Ad Network.