The pristine image of Macs was shattered recently by the Flashback Trojan that had infected 650,000 machines and now researchers have discovered two other variants of the Trojan that could potentially infect even more Mac computers. One is a variant of the Backdoor.OSX.SabPub.a, or simply SabPub, that also exploits a Java vulnerability, while the other attacks via Microsoft Word documents.
Anti-virus firm Kaspersky Lab identified the two variants, explaining that the SabPub Trojans are quite different from the Flashback variants. “SabPub is classic backdoor Trojan, so it opens full access to a victim’s system for attackers. Flashback and its known variants is downloader and clickjacking bot, which means it conducts click fraud scam by hijacking people’s search engine results inside their web browsers,” said Kaspersky Lab chief security expert Alex Gostev.
Gostev noted that the SabPub could potentially infect more machines than Flashback, especially since the second variant doesn’t take advantage of the Java vulnerability, which has now been patched. Instead, it infects machines through Microsoft Word documents distributed by email. However, the SabPub Trojans have so far been limited to targeted attacks.
Story Timeline
- Flashback trojan captures over half a million Macs
- Mac Flashback trojan manual clean-up detailed
- Apple makes second attempt at Trojan Java block
- Flashback trojan infected 2% of all Macs, Kaspersky confirms botnet size
- Kaspersky offers Mac Flashback trojan removal tool
- Apple Flashback malware removal in two easy steps
- New Apple Flashback removal for non-Java Lion Macs released
New Mac Trojans discovered, exploits Word is written by Rue Liu & originally posted on SlashGear.
© 2005 - 2012, SlashGear. All right reserved.
No comments:
Post a Comment