This is from a reliable source in the UK.
It's reported that a new version of the Mac OS X 'Sabpab' Trojan horse exploit has come to light, and this time, rather than relying upon a vulnerability in Java, it appears to be exploiting malformed Word documents.
On opening the booby-trapped Word document on a vulnerable Mac, a version of the OSX/Sabpab Trojan horse gets installed on the computer opening a backdoor for remote hackers to steal information or install further code.
There is no prompt to enter your username or password when the malicious software installs itself onto your Mac.
A patch has been available for the vulnerability since 2009. To make sure that your version of Office for Mac is patched, open up any program from the MS Office suite, and choose the "Check for updates" option from the Help menu.
After infecting a given Mac, this Trojan connects to a remote website using HTTP to fetch instructions from remote hackers telling it what to do. The backdoor contains functionality to take screenshots of the users current session, upload and download files, as well as execute commands remotely on the infected machine. Encrypted logs are sent back to the control server, so the hackers can monitor activity.
This Trojan further underlines the importance of protecting Macs against malware with an updated anti-virus program as well as the latest security updates. A free anti-virus system is currently available from Sophos and software is also available from other suppliers.
-------------------------------------------------------------------------------------------------------------------
W E B L I N K S
Sophos: http://nakedsecurity.sophos.com/2012/04/16/sabpab-trojan-mac-word/
Sophos Descrioption:
http://www.sophos.com/en-us/threat-...d-spyware/OSX~Sabpab-A/detailed-analysis.aspx
ZDNet:
http://www.zdnet.com/blog/security/new-targeted-mac-os-x-trojan-requires-no-user-interaction/11545
c|net:
http://news.cnet.com/8301-13579_3-57414516-37/new-mac-os-x-trojan-unearthed-call-it-sabpub/
-------------------------------------------------------------------------------------------------------------------
Remember always to update anti-virus systems daily, to use a personal firewall and a spyware inhibitor and to check for system updates regularly.
Safe Computing!
It's reported that a new version of the Mac OS X 'Sabpab' Trojan horse exploit has come to light, and this time, rather than relying upon a vulnerability in Java, it appears to be exploiting malformed Word documents.
On opening the booby-trapped Word document on a vulnerable Mac, a version of the OSX/Sabpab Trojan horse gets installed on the computer opening a backdoor for remote hackers to steal information or install further code.
There is no prompt to enter your username or password when the malicious software installs itself onto your Mac.
A patch has been available for the vulnerability since 2009. To make sure that your version of Office for Mac is patched, open up any program from the MS Office suite, and choose the "Check for updates" option from the Help menu.
After infecting a given Mac, this Trojan connects to a remote website using HTTP to fetch instructions from remote hackers telling it what to do. The backdoor contains functionality to take screenshots of the users current session, upload and download files, as well as execute commands remotely on the infected machine. Encrypted logs are sent back to the control server, so the hackers can monitor activity.
This Trojan further underlines the importance of protecting Macs against malware with an updated anti-virus program as well as the latest security updates. A free anti-virus system is currently available from Sophos and software is also available from other suppliers.
-------------------------------------------------------------------------------------------------------------------
W E B L I N K S
Sophos: http://nakedsecurity.sophos.com/2012/04/16/sabpab-trojan-mac-word/
Sophos Descrioption:
http://www.sophos.com/en-us/threat-...d-spyware/OSX~Sabpab-A/detailed-analysis.aspx
ZDNet:
http://www.zdnet.com/blog/security/new-targeted-mac-os-x-trojan-requires-no-user-interaction/11545
c|net:
http://news.cnet.com/8301-13579_3-57414516-37/new-mac-os-x-trojan-unearthed-call-it-sabpub/
-------------------------------------------------------------------------------------------------------------------
Remember always to update anti-virus systems daily, to use a personal firewall and a spyware inhibitor and to check for system updates regularly.
Safe Computing!
