Published in News

Hackers come up with new Mac virus

by on16 April 2012



While Apple fiddles


While Apple messes around trying to find a cure for a malware attack which infected 600,000 of its customers, the writers have come up with a better strain.

The malware depended on an exploit of Java code which Apple could not be bothered upgrading.  After the malware signed up 600,000 users to its botnet, Apple managed the upgrade but was still working out how to free its users from the botnet's grip. However the malware writers are doing what they always do – moving fast to adapt.

A new Mac OS X Trojan referred to as Backdoor.OSX.SabPub.a or SX/Sabpab-A is also exploiting Java vulnerabilities in a way that requires no user interaction. It is being used in targeted attacks. Another Mac OS X Trojan has been spotted in the wild; this one exploits Java vulnerabilities just like the Flashback Trojan. Also just like Flashback, this new Trojan requires no user interaction to infect your Apple Mac. Kaspersky refers to it as “Backdoor.OSX.SabPub.a” while Sophos calls it at “SX/Sabpab-A.”

Mac users can check to see if they have been infected by looking for the following files:

/Library/Preferences/com.apple.PubSabAgent.pfile
/Library/LaunchAgents/com.apple.PubSabAGent.plist

It seems the days of Apple kit being protected because no one wanted to steal their Coldplay collection is over.  Rather than believing that only Windows machines have malware problems, it is time that Apple users worked out that the only reason they have not been hacked is that virus writers could not be bothered.

Cue lots of whinging fanboys in the comments box, our guess is that high up on the list is the comment that the Mac has not got a virus, it is just malware.

Rate this item
(0 votes)

Read more about: