Look out, Apple users: There's another Mac OS X Trojan out in the wild, and it might be heading your way.
The sneaky malware pretends to be a Chinese-language PDF document about the Pinnacle Islands, eight uninhabited rocks in the East China Sea simultaneously claimed by Japan, Taiwan and mainland China.
If you open the file, which could appear as an emailed attachment or as a Web link, the document, written in traditional Chinese ideograms, does indeed display. But a Trojan silently installs itself in the background as you try to sort out centuries-old territorial claims.
The Trojan doesn't really do anything — yet. But F-Secure, the Finnish security firm that discovered it, notes that it lays the groundwork for much more sophisticated attacks against Macs.
The Trojan installs "backdoor" software to give a remote operator control of the machine, and sets up a communication link with a currently inactive command-and-control server.
Those two steps, repeated in thousands of Macs, could create a Mac-only botnet — a vast army of "zombie" machines silently distributing malware and spam. Substitute an English-language document for global appeal, flip on the command-and-control server, and you're in business.
The growing market penetration of Macs in the worldwide PC market, coupled with the general cluelessness of Mac owners about the need for anti-virus software, has created a ripe field of millions of powerful, unprotected machines ready for exploitation by cyber criminals.
And for a cyber criminal, the best kind of botnet to run would be one composed of machines whose owners think they'll never be infected.
Fortunately, anti-virus companies are here to help. F-Secure's paid Mac anti-virus software has already incorporated protection against this Mac-only Trojan, as has Sophos' free one.