More Mac Malware


I subscribe to Sophos’ Naked Security on-line publication. I recommend that you do too, whether you are a Mac user or a Windows person. They not only keep you informed about the latest malware (Trojans, Viruses, Worms, Adware, etc.) but also give you hints on how to deal with it in a layperson’s vocabulary.  They also have a lot of other information as well.

Sabpab, new Mac OS X backdoor Trojan horse discovered


by Graham Cluley on April 13, 2012

More malware for the Mac OS X platform has been discovered, hot on the heels of the revelation that some 600,000 Macs had been infected in the Flashback attack.

And just like Flashback, the new Trojan doesn’t require any user interaction to infect your Apple Mac.

The Sabpab Trojan horse exploits the same drive-by Java vulnerability used to create the Flashback botnet.


The newly discovered Sabpab malware is in many ways a basic backdoor Trojan horse. It connects to a control server using HTTP, receiving commands from remote hackers as to what it should do. The criminals behind the attack can grab screenshots from infected Macs, upload and download files, and execute commands remotely.

The Trojan creates the files

/Users/<user>/Library/Preferences/com.apple.PubSabAgent.pfile

/Users/<user>/Library/LaunchAgents/com.apple.PubSabAGent.plist
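A check for the two files listed above, as an added example that is not part of the original article or of any Sophos tool. The function name `scan_sabpab` and its optional directory argument are assumptions made for this illustration.

```shell
#!/bin/sh
# Added example: look for the two Sabpab artifacts named in the article
# under every user's home directory.
#
# Usage: scan_sabpab            (scans /Users)
#        scan_sabpab /some/dir  (scans a mounted disk image or backup copy)
#
# Prints one matching path per line. Returns 0 if anything matched, 1 if not.
scan_sabpab() {
    root="${1:-/Users}"
    found=1
    for home in "$root"/*/; do
        [ -d "$home" ] || continue
        # Each entry is "<directory under the home>:<file name>", taken
        # from the article's list.
        for spec in "Library/Preferences:com.apple.PubSabAgent.pfile" \
                    "Library/LaunchAgents:com.apple.PubSabAGent.plist"; do
            dir="${home}${spec%%:*}"
            name="${spec#*:}"
            [ -d "$dir" ] || continue
            # -iname: the article spells the two names with different
            # capitalisation (PubSabAgent / PubSabAGent), and a Mac volume
            # can be case-sensitive or not, so match regardless of case.
            hits=$(find "$dir" -maxdepth 1 -type f -iname "$name" 2>/dev/null)
            if [ -n "$hits" ]; then
                printf '%s\n' "$hits"
                found=0
            fi
        done
    done
    return "$found"
}
```

A match is a reason to examine the machine more closely; no match says nothing about other malware or later variants that use different file names.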

Encrypted logs are sent back to the control server, so the hackers can monitor activity.

The potential for abuse of compromised Macs should be obvious, given the Trojan’s functionality.

[Image: Sabpab commands]

The Sabpab Trojan is not believed to be anything like as widespread as Flashback, but still underlines the importance of protecting Macs against malware with an up-to-date anti-virus program and security updates.

It’s time for Mac users to wake up and smell the coffee. Mac malware is becoming a genuine issue, and cannot be ignored any longer.

Sophos products, including our free Mac anti-virus for home users, detect the Trojan horse as OSX/Sabpab-A.

Of course, those users who had already protected their computers with Sophos products were already defended against the Java vulnerability.
