SabPub Mac Trojan spreads through Microsoft Office vulnerability

Shawn Knight


Less than one week removed from the Flashback Trojan, there are reports of yet another Mac Trojan that is making the rounds. Backdoor.OSX.SabPub.a is designed to steal information from infected systems and uses an exploit in Java that allows it to remain untraced by malware detection products. The Trojan is said to connect to a command and control server based in California.

Costin Raiu from Kaspersky Labs explains that the Trojan is apparently distributed through Microsoft Word documents and is being spread through e-mails that direct users to specific URLs hosted in the US and Germany. The vulnerability is known as CVE-2009-0563.

Raiu noted in his post on Securelist that he set up a fake victim machine, which was hit on April 15. Based on the team's analysis of the attack, they are pretty confident that the operation of the bot was done manually, meaning a real person was on the other end going through the system’s files and even stealing some “goat” documents.


Furthermore, similarities to another Trojan called LuckyCat suggest that Backdoor.OSX.SabPub.a could be targeting Tibetan activists. One of the Word documents is related to an announcement by the Dalai Lama.

Over 600,000 Macs were infected with the Flashback Trojan last week with 56.6 percent of the infections originating in the US. Victims were infected simply by visiting a webpage that loaded the malicious script. Apple eventually released an update to patch the Java vulnerabilities that led to infection.


 
I can't wait till more articles like these come up, they give me a good laugh about the stupidity of isheeps.
 
crazy how what's in the red box (looks like a bunch of random typing to me) can be a trojan DX
 
I can't wait till more articles like these come up, they give me a good laugh about the stupidity of isheeps.

People always tell me not to engage the trolls, but it's SOOO DIFFICULT!!!!

Ahem...

Looks like the Mac mythology is being debunked recently. Just in time for the new 2012 MBPs, too. I'd use it as a marketing strategy to sell the new models, stating that the new Ivy Bridge chips are impervious to trojans because they are cutting edge technology. Being that only 1 in 15 Apple loyalists would be able to smell the funk on that assertion, the strategy could pay off pretty handsomely.

Joking aside, I am surprised it's taken this long for OSX to be put in the crosshairs of coders out there.
 
Hmm... The new comment box apparently doesn't let me separate paragraphs? Interesting.
 
Yep we are the isheep with 5 or less articles. Windows users have over 200,000,000 million articles of infections. Every week you have a different virus. And last time I checked this trojan got through with windows office not make pages. So if you leave all the windows crapware off your mac you should not worry about trojans. Winsheeps are *****s. They get a rise on fix patch articles. Windows sold you crapware but yet we are the isheep. If you don't like mac why you even bother to read mac related articles or even have your vile comments. I am pretty sure you can enjoy your own finger well placed!
 
@davislane1 he's not trolling. It is a good laugh knowing that the isheeps are stupid enough to believe that their macs are perfect, and then this.

I'm glad that more people are taking aim at macs (would rather there be no malware, but that's not happening anytime soon). It means that the isheep will learn the hard way that no system is perfect. Might even snap some of them out of the apple reality :p
 
People always tell me not to engage the trolls, but it's SOOO DIFFICULT!!!!

Ahem...

Looks like the Mac mythology is being debunked recently. Just in time for the new 2012 MBPs, too. I'd use it as a marketing strategy to sell the new models, stating that the new Ivy Bridge chips are impervious to trojans because they are cutting edge technology. Being that only 1 in 15 Apple loyalists would be able to smell the funk on that assertion, the strategy could pay off pretty handsomely.

Joking aside, I am surprised it's taken this long for OSX to be put in the crosshairs of coders out there.

Yep but don't you also need upgraded users? Or should I say cutting edge users? Ones who don't buy Bill Gates' toilet ware. I mean software?
 
"Yep we are the isheep with 5 or less articles. Windows users have over 200,000,000 million articles of infections. Every week you have a different virus. And last time I checked this trojan got through with windows office not make pages. So if you leave all the windows crapware off your mac you should not worry about trojans. Winsheeps are ******. They get a rise on fix patch articles. Windows sold you crapware but yet we are the isheep. If you don't like mac why you even bother to read mac related articles or even have your vile comments. I am pretty sure you can enjoy your own finger well placed!"

Trolol, the awesome moment when I don't even use windows but instead Linux. Troll bait mission accomplished.
 
"I'm glad that more people are taking aim at macs (would rather there be no malware, but that's not happening anytime soon). It means that the isheep will learn the hard way that no system is perfect. Might even snap some of them out of the apple reality :p"

I'm glad someone was intelligent enough to realize what I was talking about. Apple has sold millions of people on this concept of "magical" invulnerability and how Macs can't get viruses or malware. Like millions of windows/linux/any other OS users have already known; security through obscurity is not true security. Now Macs are gaining more trend in the market shares, things like this will continue to pop up. I could care less if you have a Mac or like it, but don't be drinking the kool-aid thinking your platform is the end all be all and go spilling your "knowledge" to true computer enthusiasts who build, fix, or upgrade their own machines on what true knowledge really is. To us, you are truly dumb and deserve to be coined the term "isheep". Stupidity at its finest.
 
The reason I own a Mac is because I like the way they are built.... They are a thing of beauty. However, to assume they cannot get viruses, or it only got a virus because of Microsoft software is naive.

Of course as they gain more market share there will be new viruses. To say a Mac cannot get a virus is ignorant. I will say though... I don't get viruses. If I do I can get rid of it asap. I also Install Windows on my Mac :)

I am posting this from my MAC OS though. It has some pretty nifty features.
 
I'm on windows and I "don't get viruses". Have actually only had 1 at home in all 30 years of use. It's just a matter of probability.
 
Windows user currently - Ex Commodore loyalist and vowed never to touch an MS (never say never..) product or PC and I cannot stand MS's lamented attempts of security but having said that Mac is just as bad in no way are the two oranges and oranges, they are much different in their companies' philosophy as to how they handle things in security.

I have used windows since 2000 after giving up on my trusty amiga 1200 and amiga 3000 etc at this time, in that time I have had about 15 PC's I have built and set up. My experience is that user common sense plays the biggest role in not getting infected it is akin to a person who knows street smarts that some of us know net smarts I guess.

The Mac vs MS loyalists is a laugh tbh each OS has its own unique approach neither one is perfect it comes down to the muppet or puppeteer sitting behind the screen'(s).

If you want secure browsing use a Virtual Machine, load a snapshot (and don't save the snapshot after use or if you do have it tagged for what it is) each time you want to browse or such without worrying about infection spreading to the host then have a remote host scan any files and or outgoing incoming connections before saying any files you gained on the VM are safe.
 
My Windows machine does everything your machine does. I have wider range of to choose from when it comes to software and especially gaming. I have wider range of QUALITY hardware rather than being stuffed the same, limiting hardware. Oh and lastly I can mod it however I want it or at least to my knowledge.

So cut the bashing aside, either fanboy side is wrong and we all know it. People buy different system because to suit their needs. If I was going to buy a MAC I'd buy a Macbook, especially for my parents or family which are less tech-savvy (a lot less) than me.

But I prefer beasts rather than anything else. Beast which can whip your *** for half the cost.

As someone else said, "I'm on windows and I 'don't get viruses'". In my 7 years of experience (18 before that never had a computer with actual internet connection lol). Only had total of 10 viruses. On top of that, that is only because back then I was a napalm and downloaded crapware, deleted vital programs and other shenanigans. Come a long way ey?.

PS:

Wasup with being unable to add paragraphs to my post on the front page? Only works on the forum >.<
 
That is why Linux is more secure than other OSes, it has nothing to do with market size. A long time ago Microsoft did not have the biggest market share, but they still had the most viri and trojans. The common factor in all of this is the OSes with the worst security are the OSes that run Microsoft products.
 
That is why Linux is more secure than other OSes, it has nothing to do with market size. A long time ago Microsoft did not have the biggest market share, but they still had the most viri and trojans. The common factor in all of this is the OSes with the worst security are the OSes that run Microsoft products.

These aren't vulnerabilities in the Mac OS itself. The recent trojans are because of a vulnerability in Java. Now the Mac ecosystem allowed these to come to the forefront because they took ~2 months to patch it while in Windows and Linux it was patched quickly. But touting Linux being more secure and using this as your evidence is disingenuous because had it not been patched in Linux, the same thing could have happened.

Previous Mac 'malware' has been based on social engineering techniques. If you can trick a user into giving out their root password, it's game over on any OS. Win 7, OS X, and Linux are all pretty secure on the OS level now, the weak point is the user and unpatched software. In Lion, the unpatched software should become less of a problem because even if it has an exploit it will be sandboxed, preventing a full on system breach.
 
"But touting Linux being more secure and using this as your evidence is disingenuous because had it not been patched in Linux, the same thing could have happened."

Yes and no. In the case of the Java vulnerability, Linux could have been compromised, but not in the case of a security flaw in Microsoft Office products. Linux does not run Microsoft Office, that is one good thing Microsoft did.
 