TechSpot

New targeted Mac OS X Trojan requires no user interaction

By Archean
Apr 16, 2012
Post New Reply
  1. New targeted Mac OS X Trojan requires no user interaction

    Another Mac OS X Trojan has been spotted in the wild; this one exploits Java vulnerabilities just like the Flashback Trojan. Also just like Flashback, this new Trojan requires no user interaction to infect your Apple Mac. Kaspersky refers to it as “Backdoor.OSX.SabPub.a” while Sophos calls it at “SX/Sabpab-A.”

    After infecting a given Mac, this Trojan is like most: it connects to a remote website using HTTP in typical command and control (C&C) fashion to fetch instructions from remote hackers telling it what to do. The backdoor contains functionality to take screenshots of the user’s current session, upload and download files, as well as execute commands remotely on the infected machine. Encrypted logs are sent back to the control server, so the hackers can monitor activity.

  2. SNGX1275

    SNGX1275 TS Forces Special Posts: 12,490   +292

    This one seems a lot more serious. Is it exploiting the same vulnerability? If so, then most everyone should be safe by now since Apple pushed out a couple java updates and a removal update several days ago.
  3. Archean

    Archean TechSpot Paladin Topic Starter Posts: 6,041   +72

  4. SNGX1275

    SNGX1275 TS Forces Special Posts: 12,490   +292

    Edit - reread articles and see that it is a java vulnerability exploited through links in MS Word documents.. That seems pretty specific.

    Still, if its the same exploit, that should be fixed now (unless you are running Leopard or below).
  5. Archean

    Archean TechSpot Paladin Topic Starter Posts: 6,041   +72

    Yup, when the story broke out it was thought that it is related to java according to linked article, but as it turned out they were wrong hence, they also have updated the story saying it is related to word.


Add New Comment

TechSpot Members
Login or sign up for free,
it takes about 30 seconds.
You may also...


Get complete access to the TechSpot community. Join thousands of technology enthusiasts that contribute and share knowledge in our forum. Get a private inbox, upload your own photo gallery and more.