Spyget > Latest Mac Malware Masks as PDF Doc

[Gev.com - Latest Technology, Entertainment and Lifestyle News] The Mac malware utilizes two-step process, made with Trojan “dropper” utility that downloads the second element and Trojan “backdoor” that connects to remote server which is controlled by attacker that is used as communication channel to send information gathered from infected Mac and receiving added instructions from hackers.

Previous [Previous] Emsisoft Anti-Malware 6.0.0.35|software programs...

Next [Next] In-House Malware Analysis: Why You Need It, How To Do It - Dar...

Some related posts from Technorati and Google.

[Tech News] Reed Corner Design : Tech News » Blog Archive » More broken ...:  MacDefender caught the security companies completely by surprise and had stolen countless credit card numbers before any response was possible.  In contrast, if Revir/Imuler is still a work in progress, and not just an experiment, it has caught the attention of the security community before it is ready for that spotlight.

[threatpost - The First Stop for Security News] New Mac OS X Trojan Imuler Hides Inside Malicious PDF | threatpost: The new piece of malware hides inside a PDF file and delivers a backdoor that hides on the user's machine once the malicious file is opened. Once the user executes the malware, it puts the malicious PDF on the user's machine and then opens it as a way to hide the malicious activity that's going on in the background, according to an analysis by researchers at F-Secure.

[Microsoft Windows Vista Community Forums - Vistaheads] Mac Trojan Posing as a PDF File - Microsoft Windows Vista ...: This malware may be attempting to copy the technique implemented by Windows malware, which opens a PDF file containing a ".pdf.exe" extension and an accompanying PDF icon. The sample on our hands does not have an extension or an icon yet.

[The Mac Security Blog] September 26, 2011: Mac Flashback Trojan ... - The Mac Security Blog: If the user proceeds with the installation procedure, the installer for this Trojan horse will deactivate some network security software (code in this malware specifically targets and deactivates Little Snitch, but has no effect on Intego VirusBarrier X6), and, after installation, will delete the installation package itself. The malware installs a dyld (dynamic loader) library and auto-launch code, allowing it to inject code into applications the user launches.

["the ping"] "the ping" » Blog Archive » Mac OS X Trojan Spreads Under Guise ...: But, this targeting of the Mac OS is rather unusual, Chet Wisniewski, senior security adviser at Sophos, told SCMagazineUS.com on Friday. Up to this point, most Mac malware has tried to push fake anti-virus products on users, but this is one of the first strains that is using this type of social engineering.

[Stop Spam Tips] Sophos warns vs new Trojan malware targeting Mac OS X | Stop ...: “It’s quite possible that this is evidence that Mac malware authors are attempting something similar, moving on from the fake anti-virus alerts that blighted many Mac users earlier this year,” Sophos said.

[Cult of Mac] Mac Malware: Trojans Are Nothing New | Cult of Mac: The whole point of trojans is that they exploit the most serious security problem of all: gullible users. A trojan does not take advantage of any holes in the code, all it needs is to persuade someone to click an “OK”, or to run an installer, and it has done its job.

[BetaNews] Be careful, that PDF might be a Mac Trojan: The fake PDF is not yet perfected: "As of this writing, the C&C of the malware is just a bare Apache installation and is not capable of communicating with the backdoor yet. The domain was registered on 21 March 2011 and was last updated on 21 May 2011".

[Onsite Insite] Onsite Insite | Blog | New Mac OS X Trojan Imuler Hides Inside ...: Malware that targets Mac OS X isn’t anywhere near catching up to Windows-based malware in terms of volume and variety, but it seems that OS X malware may be adopting some of the more successful tactics that Windows viruses have been using to trick users. Researchers have come across a sample of an OS X-based Trojan that disguises itself as a PDF file, a technique that’s been in favor among Windows malware authors for several years now.

[The Security Blog » Latest InfoSec Threat Research & News | TheSecurityBlog.com] Mac trojan posing as a PDF file – Security Threat Research News: It starts by dropping a PDF file embedded in its body and opens it in an attempt to prevent the user from noticing the ongoing suspicious activity. The content of the document is taken from an article that was circulating late last year, and contains Chinese-language text related to political issues, which some users may find offensive.This malware may be attempting to copy the technique implemented by Windows malware, which opens a PDF file containing a ".pdf.exe" extension and an accompanying PDF icon.

[Spyware Removal] Mac Trojan Posing as a PDF File: This malware may be attempting to copy the technique implemented by Windows malware, which opens a PDF file containing a ".pdf.exe" extension and an accompanying PDF icon. The sample on our hands does not have an extension or an icon yet.

[Hitech Crime Solutions] Sophos warns vs new Trojan malware targeting Mac OS X: A new Trojan malware now stalks users of computers running Apple Inc.’s Mac OS X, using an old disguise that once fooled users of Microsoft’s Windows.

[Daily News] F-Secure: Malware Attack Through OS X PDF | Daily News: Malware embedded in the PDF for the new Mac malware. “The appeal of the PDF is a good trick to get people to install trojans,” said Sophos senior security adviser Chet Wisniewski, .

Reflected tags on Technorati: Blog, ,