And Just Like That, Another Mac OS X Trojan Found in the Wild
Costin Raiu, Kaspersky Lab security researcher, has identified the new Trojan. Called Backdoor.OSX.SabPub.a — with the more user-friendly name SabPub — the new Trojan connects to a remote website via Java exploits, with the intention of allowing a remote party to execute commands on the infected machine.
The Flashback exploit, from which some users may still be reeling, also used a Java exploit, but in that case with the end goal of stealing passwords and information.
Interestingly, Raiu notes that there are at least two SabPub variants out in the wild, one of which is as old as February. Somewhat luckily, SabPub seems to be delivered via targeted attacks, which lessens the possibility of a user contracting it. Raiu also notes that the second variant of SabPub appears to have been extracted, contracted, or distributed through Microsoft Word, as it is named “8958.doc” in their virus collection.
So — as always — regardless of what machine you’re using, be mindful of the files you accept, where you get them from, and what exactly you’re clicking when an annoying box pops up in the middle of your browsing experience and you really, really want it to go away.
(via CNET)