Two new threats in a week spark worries of approaching Mac malware era.
Users of
Apple Mac
systems, who have so far only suffered from minimal attention from malware creators, may need to take more care in future according to some security analysts, after the exposure of a significant vulnerability in the operating system and the release of two effective trojans within a week have left some pondering the possible advent of major malware problems for the
Mac
world.
The most significant threat comes from a trojan toolkit posted online, with its Applescript source designed to be hidden in any genuine application. Once running it attempts to exploit several known vulnerabilities, including a recently disclosed privilege escalation flaw, to install keyloggers and remote access tools. While the developers of the trojan have apparently claimed to have intended it merely as a proof-of-concept,
Mac
security specialist
SecureMac
reports sightings of several variants in the wild, and with the source being available and designed to be modular for easy adaptation, it seems likely that more will follow.
A second and less potent risk was also spotted targeting
Mac
users last week, which relied on social engineering rather than system vulnerabilities to obtain admin credentials on target systems. Having persuaded victims to provide passwords the malicious program then passes them on to a central point along with other system data.
An initial post on the Applescript trojan toolkit is at
SecureMac
here
, with more analysis and investigation on the
SecurityFix
blog
here
and in the
Register
here
.
Posted on 30 June 2008 by
Virus Bulletin
Leave a Reply