Re: Neowin News: "Rare mac trojan exploits apple vulnerability"

Juan I. Cahis <jiclbchSINBASURA@xxxxxxxxxxxxx> writes:

Dear friends, see:

http://www.neowin.net/news/main/08/06/23/rare-mac-trojan-exploits-apple-vulnerability

Any comment?

From yesterday's SANS newsletter -

http://www.sans.org/newsletters/newsbites/newsbites.php?vol=10&issue=50

--Mac OS X Trojans Detected
(June 20, 21 & 23, 2008)
A recently detected Mac OS X Trojan horse program exploits a flaw in
Apple Remote Desktop Agent (ARDAgent) to load itself as root and take
control of vulnerable machines. The malware has numerous capabilities,
including keystroke logging, opening ports in the firewall to evade
detection, taking pictures with the built-in camera and turning on file
sharing. Users can protect their systems by removing ARDAgent from its
normal location and archiving it. A second Trojan affecting Macs
pretends to be a poker application and tries to gain secure shell access
to vulnerable machines.
http://www.scmagazineus.com/Two-in-the-wild-trojans-target-Mac-OS-X/article/111551/
http://www.computerworld.com/action/article.do?command=viewArticleBasic&articleId=9101898&intsrc=hm_list
http://www.theregister.co.uk/2008/06/23/mac_trojan/print.html

I suggest reading the rest of this at the SANS link, above. And, if
you're concerned about security, subscribing to this and their other
newsletters (which are free) would be a good idea, too.

Billy Y..
.

Relevant Pages