Sophos, a leading security firm with headquarters in both the UK and the USA and with offices throughout Europe and Asia have discovered two new pieces of Malware for Apple Mac computers.
We are quite familiar with Viruses, Worms, Trojans and various Malware, Adware and Spyware on PCs running Windows but so far Apple computers have not been hit as hard as those with Microsoft operating systems.
“I’ve got a theory that, although many people are undoubtedly buying Apple computers because they’re beautifully designed and well marketed, there will also be some who have dumped Windows because they are fed up with the spyware, pop-ups and virus attacks,” said Graham Cluley, senior technology consultant at Sophos.
“Indeed, some of the people who may well have suffered a lot from those kind of attacks in the past may be exactly the same kind of folk who visit the grubbier areas of the internet in the wee small hours of the morning…and they may feel that one of the side benefits of switching to a Mac is that they won’t have to worry about all of those nasty things while they’re watching nasty things.”
One piece of Malware is a Trojan called Jahlav-C created for the Mac OS X which is embedded in an apparent pornography website. It looks like it’s an Active X video codec that you need to download before you can view the content of the website.
According to information on Sophos’s website “As a part of the installation a malicious shell script file AdobeFlash is created in /Library/Internet Plug-Ins folder and setup to periodically run. The script contains another shell script in an encoded format which in turn contains a Perl script with the main malicious payload. The perl script uses http to communicate with a remote website and download code supplied by the attacker.”
You can find a video of this attack on YouTube courtesy of Sophos.
The other piece of Malware is a worm known as Tored-Fam, a variation of the Tored worms that have been around for nearly a year. This one propagates via email attachments and gathers up email addresses in an attempt to forward the worm on to other people’s computers.
According to Sophos, the coding of this worm indicates that it is being used to build a Mac botnet known as Raedbot which is being assembled by a Malware writer based in Tunisia.
This latest find just goes to show that these days no one can be complacent, not even Apple lovers.
If you want to find out all the latest news on tech why not subscribe to our RSS feed?
THANKS FOR GIVING THIS INFO ABOUT THE MALWARE !IT IS VERY USEFUL FOR VISITORS LIKE ME!
I get annoyed when I set up someones computer, install McAfee and spybot, but they still manage to get viruses, trojans, and malware. Because aparentley, these people didn’t know what to do when McAfee found it, so they added it to the trusted list! gerrrr. BRAND new installation of Windows (because the other Windows they had was just crawling in bad stuff), but they still manage to install this “Fast Browser Search” thing that hijacks there homepage! Even after running Dr Web, Malwarebytes, and SpyBot, it still somehow reinstalled itself. You would delete the search engine and change your homepage to default. But as soon as you started Firefox, your home page was hijacked and the search engine was back.
I started up Portable Firefox… Low and Behold, it was gone. So I used Revo Uninstaller and completely deleted Firefox and everything that it had in the registry and everywhere… Then I installed a brand new Firefox and the malware was gone! Apparently it had hid itself somewhere in Firefox.