Mac Trojans Proliferate

04 February 2009

Malware writers must be celebrating the 25th anniversary of the Mac. Intego, which produces antivirus software for the OS X platform, noticed two Trojan programs circulating in the past week on peer-to-peer sites, buried within pirated copies of high-value Mac programs.

The first, discovered on January 21, is called OSX.Trojan.iServices.A, and was embedded in a hacked version of iWork 09, the latest version of Apple's productivity suite, which shipped around the same time. A variant was found last Monday, planted in a pirate program designed to unlock Adobe Photoshop CS4 for Mac.

The iWork Trojan is embedded in the program's installer, as iWorkServices.pkg. The Trojan is installed as a start-up item, meaning that it will be loaded every time OS X is booted. It connects to a remote server, and has the capability of downloading additional components to an infected machine, Intego warns.

The OSX.Trojan.iServices.B variant works slightly differently, installing itself via a crack application used to generate a serial number for the downloaded copy of Photoshop CS4. The Adobe binary itself is clean. The crack application installs a backdoor in /var/tmp/, launching it with root privileges to create a start-up item. The program then contacts the same online servers as its predecessor, which has been used in denial of service attacks, according to Intego.

McAfee says that these Trojans represent a departure from traditional Mac Trojans, which it called "lame".

"The iWork09 Trojan represents a new element to Mac Trojans — sophistication. This one contains peer to peer-like characteristics and even encrypts its traffic," said the firm's researchers.

Kaspersky also found two pieces of malware circulating for the Mac, which it has called not-a-virus:FraudTool.OSX.iMunizator.

"The software generates messages about infections/problems on the machine. These are fake warnings," said Roel Schouwenberg, senior AV researcher for Kaspersky Lab Americas. "To get these infections/problems removed, the user has to pay money. On the Windows platform this is currently a very popular type of malware and is called fraudware, rogueware or scareware. The bad guys are making heaps of money with this tactic on Windows. Probably they also have a relatively decent revenue on the Mac."

Kaspersky has warned that Mac malware in the wild has been proliferating. According to the company's research, instances of malicious software for the platform rose from eight in 2006 to 35 in 2007.
