NEWS CATEGORIES:

NEWS ARCHIVE >>
SOFTPEDIA REVIEWS >>
MEET THE EDITORS >>

Home / News / Apple / Software

Software

It's Official: Mac Trojan on the Loose

As many as three security firms have acknowledged the threat so far

By Filip Truta, Apple News Editor

20th of June 2008, 21:51 GMT

Adjust text size:

Well, it seems the guys behind iAntiVirus and VirusBarrier X5 knew what they were talking about. Makers of Mac anti-spyware and anti-virus solutions, SecureMac, have discovered what is reported as a new Mac OS X Trojan horse. Dubbed "Applescript.THT Trojan," the malware is thought to have originated via a "hacker" website, Limewire and even Apple's own iChat.

Applescript.THT Trojan is disguised as an application bundle

called 'Astht_v06' weighing in at 3.1MB in size, macnn is reporting.

From SecureMac: SecureMac has discovered multiple variants of a new Trojan horse in the wild that affects Mac OS X 10.4 and 10.5. The Trojan horse is currently being distributed from a hacker website, where discussion has taken place on distributing the Trojan horse through iChat and Limewire.

According to SecureMac, the Trojan horse runs hidden on the system, and allows a malicious user complete remote access to it. The malware can send system and user passwords, and can avoid detection by opening ports in the firewall and turning off system logging. Even worse, the AppleScript.THT Trojan horse can log keystrokes, take pictures with your Mac's built-in iSight camera, take screenshots of whatever you are doing at a given moment, and even turn on file sharing, exposing your personal life even more.

Earlier today, we reported that security firm Intego claimed to have found a new vulnerability connected to Remote Management in Mac OS X. The company is also offering a solution for this - its VirusBarrier X5 for Mac OS X 10.5.2 (Leopard). The recently discovered vulnerability with the Apple Remote Desktop Agent, which allows it to run as root, is exactly what the Trojan horse exploits. SecureMac warns that the malware is distributed as either a compiled AppleScript - ASthtv05 (60 KB in size), or as an application bundle - AStht_v06 (3.1 MB in size).

However, the user must download and open the Trojan horse in order to become infected. It moves itself immediately to the /Library/Caches/ folder and adds itself to the System Login Items, according to SecureMac. This is where the company's MacScan 2.5.2 comes in and saves the day. MacScan detects, isolates, and removes spyware like applications, such as keystroke loggers and Trojan horses, to protect your Mac.

Here's a trial version of the software. Whether you're planning on installing security software on your Mac, the best thing you can do is never download and install software from untrusted sources or dubious websites.

TAGS:	Trojan Horse \| Trojan \| malware \| Applescript \| Limewire	SHARE THIS
Read by 4,187 user(s) \| Add comment \| Link to this article		TWEET THIS

Article rating:

Fair (2.6/5)

3 vote(s)

Subscribe to news |

Print article |

Send to friend

SEARCH THE NEWS ARCHIVE :

Today's News | Yesterday's News | News Archive

User opinions:

Comment #1 by: novel on 22 Jun 2008, 11:19 GMT

reply to this comment

is a bunch of bull. if you download stuff and run them at your own risk, then it was your risk, enjoy the malware. freebsd does not allow viruses. mac os redesign allows loopholes, i guess they are getting a % from the antivirus companies. its a big business. I just downloaded ubuntu for PPC and i'll be getting rid of macos for good and the not-direclty affiliated (in quotes) antivir companies. Lusers, educate yourselfs.

Share your opinion:

SUBMIT PROGRAM \| ADVERTISE \| GET HELP \| SEND US FEEDBACK \| RSS FEEDS \| ENTER NEWS SITE \| ENGLISH BOARD \| ROMANIAN FORUM
© 2001 - 2009 Softpedia. All rights reserved. Softpedia® and the Softpedia® logo are registered trademarks of SoftNews NET SRL.	Copyright Information \| Privacy Policy \| Terms of Use \| Update your software \| Archive