SvenOnTech » Blog Archive » Apple Nailed with Nasty Trojan That Takes Over Macs Emailing, Passwords, and Even Takes Your Picture

Welcome

Welcome to SvenOnTech! We strive to bring you news and opinions from a different angle. It's our hope that you'll love it here so much, that you won't be able to resist us!

Navigate

Encouragement

Christ is the visible image of the invisible God. He existed before God made anything at all and is supreme over all creation. - Colossians 1:15 NLT

ESV | NIV | KJV | AMP

Twitter

Spam Blocked

164,910 spam comments

blocked by
Akismet

RSS

Site Search:

Apple Nailed with Nasty Trojan That Takes Over Macs Emailing, Passwords, and Even Takes Your Picture

Author: Sven Rafferty

Friday, June 20, 2008

Mac fanboys love to point out the fact that Windows users must waste immense systems resources to protect themselves from the millions of viruses, trojans, and spyware that live on the Internet. Even Apple makes light of this Windows malware problem in its commercial entitled Viruses in which Mac says to PC, “I run Mac OS 10 so I don’t have to worry about your spyware and viruses”. Sadly, however, Macs are no more protected from such attacks as is the Windows operating system. With holes and security vulnerabilities found in OS X and its default applications, such as Safari’s Zero-day exploit, Apple needs to start taking some defensive moves as it increases sales of its shinny machines to unsuspecting “switchers”.

Point in case, today SecureMac is reporting that the AppleScript.THT Trojan Horse runs hidden on a Mac and , “Allows a malicious user complete remote access to the system, can transmit system and user passwords, and can avoid detection by opening ports in the firewall and turning off system logging. Additionally, the AppleScript.THT Trojan horse can log keystrokes, take pictures with the built-in Apple iSight camera, take screenshots, and turn on file sharing. The Trojan horse exploits a recently discovered vulnerability with the Apple Remote Desktop Agent, which allows it to run as root.” Ouch! The trojan is distributed through web sites, iChat, and Limewire. This trojan only effects OS X 10.4 and 10.5.

There are a few ways to protect yourself from this trojan. One, do not download an AppleScript named ASthtv05 (60 KB in size), use sharing services such Limewire, or use a virus scanner such as SecureMac’s MacScan. SvenOnTech does not endorse this product; however, it would recommend it over Norton or McAfee as we have tested those on the Mac and they are horrible.

President of SecureMac, Nicholas Raba, cautions OS X users by telling SvenOnTech, “The increased number of threats, security advisories, and security updates is an indication that Mac users must pay attention to computer security issues. As Apple’s market share continues to grow, so will security research and hack attempts against OS X.”

Recommended reading: MacForensicsLab Malware document.

These icons link to social bookmarking sites where readers can share and discover new web pages.

This entry was posted on Friday, June 20th, 2008 at 13:27 and is filed under Security. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.

2 Responses to “Apple Nailed with Nasty Trojan That Takes Over Macs Emailing, Passwords, and Even Takes Your Picture”

Mike Says:
June 23rd, 2008 at 6:50
I assume you meant to type do not download…. instead of do now download…
Sven Rafferty Says:
June 23rd, 2008 at 7:58
Thanks, Mike. Silly spell check corrected the typo in the incorrect manner. Silly proof reader (me) missed it.

Subscribe to comments (E-mail field must be filled in)