And Just Like That, Another Mac OS X Trojan Found in the Wild

Though Macs aren’t exactly less vulnerable to viruses as Windows computers, they’ve always experienced less — mostly because there were a lot less people using Macs, thus a lot less people making viruses to infect them. Not too long ago, news broke that a malicious OS X virus spread around the digital tubes, infecting over half a million computers. Now, only a little over a week later, we get news that another OSX Trojan is circulating around our digital domain.

Costin Raiu, Kaspersky Lab security researcher, has identified the new Trojan. Called Backdoor.OSX.SabPub.a — with the more user-friendly name SabPub — the new Trojan connects to a remote website via Java exploits, with the intention of allowing a remote party to execute commands on the infected machine.

The Flashback exploit, from which some users may still be reeling, also used a Java exploit, but in that case with the end goal of stealing passwords and information.

Interestingly, Raiu notes that there are at least two SabPub variants out in the wild, one of which is as old as February, though somewhat luckily, SabPub seems to be delivered via targeted attacks, which lessens the possibility of a user contracting it. Raiu also notes that the second variant of SabPub appears to have been extracted, contracted, or distributed through Microsoft Word, as it is named “8958.doc” in their virus collection.

So — as always — regardless of what machine you’re using, be mindful of the files you accept, where you get them from, and what exactly you’re clicking when an annoying box pops up in the middle of your browsing experience and you really, really want it to go away.

(via CNET)

Relevant to your interests

• OS X got its very own malicious fake antivirus program
• Mac botnet has over half a million infected computers
• But then apple released a removal tool, thankfully

Have a tip we should know? tips@themarysue.com

Author

Close

James Plafke