Johannesburg, 27 Jun 2008
Apple Mac users are advised to ensure they are taking sufficient precautions to safeguard their computers, as a new Trojan horse for the Mac OS X platform is discovered, explains Brett Myroff, CEO of regional Sophos distributor, Sophos South Africa.
TheOSX/Hovdy-A Trojan horse is capable of infecting Mac OS X computers, in an attempt to steal passwords, open firewalls to give access to hackers, and disable security settings, he says.
"While it's true that Mac OS X computers are far less commonly targeted than Windows PCs by hackers and malware authors, that doesn't mean Apple users can rest on their laurels and disregard common sense when it comes to securing their computers," says Myroff.
"In the last 12 months, we have seen growing evidence that cyber-criminals are increasingly looking for opportunities to hack into Mac computers for financial gain. Although the problem is much smaller than on Windows, Mac users would still be wise to ensure they run an anti-virus, keep up-to-date with security patches, and exercise care as to which programs they choose to install on their computers."
He explains that the Hovdy-A Trojan horse takes advantage of a recently publicised vulnerability in Apple's Mac OS X operating system, affecting its Apple Remote Desktop Agent, to gain root access. Once a computer has been exploited, the hacker can gain complete control of the compromised Macintosh - covering its tracks by disabling system logging.
"Like many Windows attacks, this Mac Trojan horse relies on the user giving it permission to install itself. Using social engineering techniques, the Trojan horse could be disguised as a game, a video codec or a handy new utility," Myroff notes.
"Unfortunately, many Mac users are just as willing as their Windows-based cousins to install a program without careful thought as to safety. We are not witnessing a large-scale attack by this Trojan, but it is worrying to see yet more hackers turning their malevolent gaze to the Mac platform."
Myroff says this week's line-up of low to medium prevalence Trojans affecting Windows users include Troj/Agent-HDJ, Troj/Dloadr-BNB, Troj/DwnLdr-HEP, Troj/FakeAle-CQ, Troj/NtRootK-DQ, Troj/Renos-AI, Troj/RootKit-CY, Troj/Agent-HDF, and Troj/AntiSpyC-A.
The W32/Strati-B Worm has also been detected, he concludes.
Share