Symantec analysis of the botnet shows that many computers remain compromised with the trojan, though hundreds of thousands have been cleaned, and the infrastructure contains a Twitter communication apparatus.
A new trojan is targeting the same Java vulnerability that the Flashback malware took advantage of last week.
Security experts are backing up one anti-virus vendor's estimate of the massive size of a Mac trojan botnet.
Although Apple released a Java update this week to prevent the spread of a dangerous trojan, experts say the botnet continues to grow, and the U.S. accounts for over half of the compromised Macs.
A live exploit is making the rounds that takes advantage of a bug in Java, which has already been patched, but hasn't yet made its way to Mac OS X users.
Researchers have uncovered a rare instance of so-called espionage malware for the Mac OS X platform.
Three out of every four new malware strains created during the third quarter was a trojan, says a new report from PandaLabs.
The complex trojan aims to steal digital currency and use infected computers for Bitcoin mining.
The so-called "Tsunami" backdoor trojan is derived from an older Linux family of backdoors around since at least 2002.
Malware writers aren't waiting long between releasing new variants for a Mac trojan known as Flashback. The latest is designed to disable built-in anti-virus on target machines.
Malware writers are borrowing a page from the Windows attack handbook with the latest Mac OS X threat.
An Apple operating system flaw could allow any user to obtain stored password hash data through an openly readable directory.
Apple on Tuesday released a Mac OS X security update to automatically find and remove rogue anti-virus (AV) software known as scareware. The update contains two "file quarantine" capabilities, as well as a "malware removal" functionality. Ongoing rogue AV scams targeting the Mac OS X, the most popular of which is MacDefender, have grown increasingly nefarious in recent days, leading to a significant uptick in infections. The malware aims to trick users into believing their systems are infected so they purchase phony AV products.
A new version of fake anti-virus malware targeting the Macintosh operating system (Mac OS X) has led to a significant increase in infections over the past week.
Apple released a number of security updates for Mac OS X, Safari and iOS.
Apple on Wednesday issued security updates for its Safari 5 web browser and iOS mobile operating system to address dozens of vulnerabilities.
Mac risks are sure to grow as Apple market share increases, but experts are debating the seriousness of a new threat.
January 26, 2011
Conventional wisdom that Mac OS X computers and mobile devices won't be targeted or infected by cybercrooks is about to be disproven.
Will 2011 be the year that threats against Mac platforms and devices finally reach the tipping point? Yes, according to a number of security firms.
The notorious Koobface worm is back, this time with a variant that runs on Mac OS X machines.
Apple this week released security updates for Java for Mac OS X Leopard (10.5) and Snow Leopard (10.6), but hinted in its release notes that the software may be removed from future versions of its operating systems. The updates, here and here, fix several bugs that could allow an attacker to execute arbitrary code, according to a Thursday advisory from US-CERT. "Developers should not rely on the Apple-supplied Java runtime being present in future versions of Mac OS X," the release notes state. The Java runtime shipping in Leopard and Snow Leopard will, however, continue to be supported, Apple said. The declaration from Apple comes the same week as Microsoft warned of mass exploitation of Java to foist malware. — AM
Apple on Tuesday issued an update to Mac OS X to fix 13 flaws, including one that is similar to the "jailbreak" vulnerability already patched in its mobile OS.
Apple has pushed out a Mac OS X update, its fourth of the year, to close more than two dozen vulnerabilities.
A purported spyware application bundled with roughly 30 Mac third-party screensavers is back active after its maker temporarily stopped distributing it.
Microsoft typically garners all of the attention on Patch Tuesday, but for January's installment, researchers consider Adobe's fix for a critical zero-day vulnerability to be the major priority. Oracle also was scheduled to release fixes.
December 30, 2009
Expect more of the same next year from cybercriminals as they try their craft on different platforms. But one rule still applies: If you're vulnerable, they'll find you.
Apple appears to be getting at least somewhat serious about security, with plans to include an anti-virus mechanism in the next version of its Mac OS X.
Despite conventional wisdom, Mac malware remains alive and well.
The vulnerabilities could allow an attacker to execute arbitrary code, obtain sensitive information, or cause a denial-of-service.
A DNS-changing trojan targeting Macintosh computers is making the rounds, disguised as a "MacCinema Installer," Dave Marcus, director of security research and communications for McAfee Avert Labs, told SCMagazineUS.com Wednesday. The latest variant, called OSX/Puper.a, was identified in late March, but researchers detected a new sample this week. Users are being prompted to download the malware when trying to view certain online videos, Marcus said. If infected, a victim's web traffic could be diverted to website of the attacker's choosing. — AM
