This entry was posted on Friday, June 20th, 2008 at 13:27 and is filed under Security. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.
Site Search:
Apple Nailed with Nasty Trojan That Takes Over Macs Emailing, Passwords, and Even Takes Your Picture
Friday, June 20, 2008
Mac fanboys love to point out the fact that Windows users must waste immense systems resources to protect themselves from the millions of viruses, trojans, and spyware that live on the Internet. Even Apple makes light of this Windows malware problem in its commercial entitled Viruses in which Mac says to PC, “I run Mac OS 10 so I don’t have to worry about your spyware and viruses”. Sadly, however, Macs are no more protected from such attacks as is the Windows operating system. With holes and security vulnerabilities found in OS X and its default applications, such as Safari’s Zero-day exploit, Apple needs to start taking some defensive moves as it increases sales of its shinny machines to unsuspecting “switchers”.
Point in case, today SecureMac is reporting that the AppleScript.THT Trojan Horse runs hidden on a Mac and , “Allows a malicious user complete remote access to the system, can transmit system and user passwords, and can avoid detection by opening ports in the firewall and turning off system logging. Additionally, the AppleScript.THT Trojan horse can log keystrokes, take pictures with the built-in Apple iSight camera, take screenshots, and turn on file sharing. The Trojan horse exploits a recently discovered vulnerability with the Apple Remote Desktop Agent, which allows it to run as root.” Ouch! The trojan is distributed through web sites, iChat, and Limewire. This trojan only effects OS X 10.4 and 10.5.
There are a few ways to protect yourself from this trojan. One, do not download an AppleScript named ASthtv05 (60 KB in size), use sharing services such Limewire, or use a virus scanner such as SecureMac’s MacScan. SvenOnTech does not endorse this product; however, it would recommend it over Norton or McAfee as we have tested those on the Mac and they are horrible.
President of SecureMac, Nicholas Raba, cautions OS X users by telling SvenOnTech, “The increased number of threats, security advisories, and security updates is an indication that Mac users must pay attention to computer security issues. As Apple’s market share continues to grow, so will security research and hack attempts against OS X.”
Recommended reading: MacForensicsLab Malware document.
June 23rd, 2008 at 6:50
I assume you meant to type do not download…. instead of do now download…
June 23rd, 2008 at 7:58
Thanks, Mike. Silly spell check corrected the typo in the incorrect manner. Silly proof reader (me) missed it.