Researchers find Mac OS X malware posing as PDF file
Summary: The malware installs a backdoor that contacts a remote server for instructions and can be used to steal files or capture a screenshot of the infected computer system.
Researchers at F-Secure have discovered a Mac OS X malware file masquerading as a PDF file to lure users into installing a backdoor trojan.
The malware, flagged as a trojan dropper, installs a downloader component that downloads a backdoor program onto the system, while camouflaging its activity by opening a PDF file to distract the user.
According to F-Secure, the PDF file contains Chinese-language text related to political issues, which some users may find offensive.
Once installed, the trojan dropper installs a backdoor program that gives a hacker full control of the infected Mac OS X machine.
The backdoor typically contacts a remote server for instructions and can be used to steal files or capture a screenshot of the infected computer system, which is then forwarded to the remote server.
F-Secure reports that the command-and-control server for the malware is just a bare Apache installation that is not yet capable of communicating with the backdoor.

Talkback
RE: Researchers find Mac OS X malware posing as PDF file
If so, I'd say this plus the ability to authenticate to LDAP using anything, and the ability to change any user's password would be interesting.
*grabs popcorn*
Are you getting lonely with your popcorn?
Where are all the posters who usually equate the existence of malware with major security design flaws in the target platform?
Maybe they are too busy cleaning this malware off their Macs?
*munch* *munch*
*chirp* *chirp*
RE: Researchers find Mac OS X malware posing as PDF file
Well that's fine...
Except all the other Mac fanboys and apologists say that the 'security through obscurity' argument is BS, that Macs are more secure by design (which security professionals vehemently disagree with)
So which is it? who is right? the morons who say the Mac is secure by design (again, security professionals)? or, the morons who claim they have security through obscurity?
RE: Researchers find Mac OS X malware posing as PDF file
"People with common sense give you the fact of the matter and that is the probability of getting malware on a Mac is much less than its more widely used counterpart like the probability of someone shooting me in my house is less than if I was in the middle of a war zone."
So you seem to bringing up the whole "security by obscurity" defense... and yet this is no longer the case.
"The morons are those who waste their time mulling over this question."
First you say the morons are those who blame the OS maker now you say the morons are those who mull over the question of security by obscurity vs security by design - neither of which apply to a Mac anymore.
"Besides, security be design wouldn't even apply to malware. The fact of the matter is that the probability of getting viruses on Macs are much much lower and that's certainly a pro in the Mac column. There are obviously other factors."
The probability is lower now - but a few months ago the probability was none. You say there are other factors - care to share what those might be other than the ones I mentioned above?
RE: Researchers find Mac OS X malware posing as PDF file
"But you of course like to make reference to these morons because that gives you someone you can mock. Actually he's mocking the hordes of mactards who claim that malware on Windows is the fault of Microsoft and also claim that there is and can never be any malware on Macs."
Basically what I said except you replaced "moron" with "hordes of mactards". Nice counter argument, except saying "moron" is more comprehensive since it would include people like toddybottom (who is clearly not a mactard) who blame Apple for malware on Macs.
"People with common sense give you the fact of the matter and that is the probability of getting malware on a Mac is much less than its more widely used counterpart like the probability of someone shooting me in my house is less than if I was in the middle of a war zone. So you seem to bringing up the whole "security by obscurity" defense... and yet this is no longer the case. "
I don't remember bringing up any specific defenses. In fact, I specifically said people are wasting their time trying to figure out exactly why Macs get less malware. And what do you mean it's no longer the case? I don't have any data on hand, but if we assume Ed Bott has written an article about every piece of malware on a Mac (which is probably true since he sometimes writes multiple articles) then I believe my statement stands.
"The morons are those who waste their time mulling over this question. First you say the morons are those who blame the OS maker now you say the morons are those who mull over the question of security by obscurity vs security by design - neither of which apply to a Mac anymore."
Yes, there are more than one type of morons. In this case I'm speaking specifically about malware. So yes, no system can prevent a user from getting a new piece of malware so it's a pretty idiotic thing to be arguing about.
"Besides, security be design wouldn't even apply to malware. The fact of the matter is that the probability of getting viruses on Macs are much much lower and that's certainly a pro in the Mac column. There are obviously other factors. The probability is lower now - but a few months ago the probability was none. You say there are other factors - care to share what those might be other than the ones I mentioned above?"
Yes so, reduced malware is less of a pro for a Mac now than it was a few months ago (although not buy as I'm sure the amount of malware written for Macs are very small). I never denied it. As for these other factors; you can't possibly believe that I would base my choice of OS solely on how likely I am to get malware.
RE: Researchers find Mac OS X malware posing as PDF file
My point exactly; and look at all the bashing I'm getting for saying it.
Presumably it affects any version of OS X...
The operating system could be the most secure in the world, but it can't protect against gullible or naive users.
Sure, blame the user
This is all the user's fault.
I've heard this defense before when it comes to malware on a certain other OS.
That argument wasn't accepted then.
It shouldn't be accepted now.
Apple must do more to protect its users from malware.
RE: Researchers find Mac OS X malware posing as PDF file
People who say it's the OS's (whether Windows or OSX) fault for malware getting in are trolls. So you mocking them and then saying the same thing for OSX is basically like a troll mocking another troll and then trolling.
RE: Researchers find Mac OS X malware posing as PDF file
This isn't really very OS specific, the problem is endemic with ALL "WIMP" style GUIs.
I think most folks are going to get suspicious when
RE: Researchers find Mac OS X malware posing as PDF file
Thanks baggins_z, I was thinking the same. Neglecting to mention this to people often unfamiliar with OSX gives a different impression. Doesn't it? Of course all Operating Systems have or develop flaws as they evolve, but nothing attracts readers like Apple-related articles. Apple sells, regardless of completeness, accuracy or objectivity. Fans cheer. Anti's jeer. Where's our middle ground? Still at the library with everything else unsexy.
RE: Researchers find Mac OS X malware posing as PDF file
Does it behave that way if the user is booted as an admin or merely prompt with you sure you wanna let this run?
Even if you are logged in as an admin, you'll still
RE: Researchers find Mac OS X malware posing as PDF file
@toddybottom
You still don't get it
And this describes most OS X users. And Windows users.
If it didn't, there wouldn't be any successful trojans on any systems.
But there are.
So you are wrong.