AppleScript.THT Mac Trojan in the Wild

By admin | Jun 23, 2008

Macs have had the privilege of not owning much market share. That’s both good and bad: good in that malicious individuals won’t target you because the ROI is low, and bad because you don’t have much market share! Anyway, various sources are indicating that a Mac trojan, named AppleScript.THT, is being actively used in the wild.

The limitation of this trojan, in terms of design, is that it has to be run on the machine by the current user. Hackers are currently dumping variants of the trojan onto peer-to-peer sharing services in hopes of catching some users. If you were to install the downloaded package, you would essentially be giving control of your Mac to hackers. Here is part of the notice from SecureMac:

“The Trojan horse runs hidden on the system, and allows a malicious user complete remote access to the system, can transmit system and user passwords, and can avoid detection by opening ports in the firewall and turning off system logging. Additionally, the AppleScript.THT Trojan horse can log keystrokes, take pictures with the built-in Apple iSight camera, take screenshots, and turn on file sharing. The Trojan horse exploits a recently discovered vulnerability with the Apple Remote Desktop Agent, which allows it to run as root.

The Trojan is distributed as either a compiled AppleScript, called ASthtv05 (60 KB in size), or as an application bundle called AStht_v06 (3.1 MB in size). The user must download and open the Trojan horse in order to become infected. Once the Trojan horse is running, it will move itself into the /Library/Caches/ folder, and add itself to the System Login Items”
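
An added example, not part of the original post or of SecureMac's notice: a shell check for the two on-disk traits the notice names, the file names ASthtv05 / AStht_v06 in `/Library/Caches/` and a login item that launches from there. The function names, the login-item list file (plain text, one path per line) and the sample tree are assumptions constructed for illustration; flagging any login item under a Caches folder goes beyond the two names, since renamed variants would not match them.

```shell
#!/bin/sh
# Added example. Indicators come from the quoted notice: files named ASthtv05
# or AStht_v06 in /Library/Caches/, plus a login item that starts the Trojan.

# scan_tht ROOT [LOGIN_ITEMS_FILE]
#   ROOT             root of the volume to inspect ("/" or a mounted image)
#   LOGIN_ITEMS_FILE assumed format: exported login item paths, one per line
# Prints "CACHE <path>" / "LOGIN <path>" per hit; exit status 0 = hits, 1 = none.
scan_tht() {
    root=$1
    items=${2:-}
    hits=$(
        if [ -d "$root/Library/Caches" ]; then
            # Name match on the two distribution forms named in the notice.
            find "$root/Library/Caches" -maxdepth 1 \
                \( -name 'ASthtv05*' -o -name 'AStht_v06*' \) | sort | sed 's/^/CACHE /'
        fi
        if [ -n "$items" ] && [ -r "$items" ]; then
            # Heuristic: a login item has no reason to launch from a cache
            # folder, so flag it even when the file name has been changed.
            grep -E '/Library/Caches/|ASthtv05|AStht_v06' "$items" | sed 's/^/LOGIN /'
        fi
    )
    [ -n "$hits" ] || return 1
    printf '%s\n' "$hits"
}

# Constructed sample: a fake volume with one matching bundle name and a
# two-entry login item list. The ".app" suffix is an assumption.
make_sample() {
    d=$(mktemp -d)
    mkdir -p "$d/Library/Caches/AStht_v06.app" "$d/Library/Caches/com.example.cache"
    printf '%s\n' '/Applications/iChat.app' '/Library/Caches/AStht_v06.app' \
        > "$d/login_items.txt"
    printf '%s\n' "$d"
}

sample=$(make_sample)
scan_tht "$sample" "$sample/login_items.txt" || echo "no indicators found"
rm -rf "$sample"
```

A clean result only means these two traits are absent; the notice also describes firewall and logging changes that this check does not cover.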



© 2007 PaulTech Network