ITWire

Home Business IT Security Another Mac drive-by malware scare

Another Mac drive-by malware scare

Get all your tech news delivered to your mail box five days a week
iTWire UPDATE - it's FREE!


Another piece of Mac malware has turned up. It uses the same Java drive-by vulnerability exploited by Flashback.K.
Dubbed Sabpab by security vendor Sophos, a new piece of malware can find its way onto a Mac with no user intervention other than visiting a malicious web page. This is achieved by exploiting a vulnerability in Java that was patched in the update released last week by Apple following the outbreak of the Flashback.K malware.

So if you applied the Java update promptly, there's most likely nothing here for you to worry about.

Sabpab (which apparently gets its name from its use of a file called com.apple.PubSabAgent.pfile, a similar name to the legitimate com.Apple.PubSubAgent.plist) sets up a backdoor on infected Macs.

"It connects to a control server using HTTP, receiving commands from remote hackers as to what it should do. The criminals behind the attack can grab screenshots from infected Macs, upload and download files, and execute commands remotely," said Graham Cluley, senior technology consultant, Sophos.

Sabpab is detected by security products from Sophos, Symantec and (presumably) other vendors.

It is easily removed manually by deleting /Users//Library/Preferences/com.apple.PubSabAgent.pfile and /Users//Library/LaunchAgents/com.apple.PubSabAGent.plist. If you haven't applied last week's Java update, the risk of re-infection will remain.

RECRUITMENT & RETENTION REPORT 2013

HIRE OR FIRE? BUY OR BUILD

2013 is well underway and Australian companies need to know whether they should invest in IT skills training or pay a premium for the people they need.

If you want to know which choices are being made in your sector, what skills are hard to find, which sectors intend to hire or fire and where the IT spend is going, this free report is must have.

GET YOUR REPORT NOW

Stephen Withers

joomla visitors

Stephen Withers is one of Australia¹s most experienced IT journalists, having begun his career in the days of 8-bit 'microcomputers'. He covers the gamut from gadgets to enterprise systems. In previous lives he has been an academic, a systems programmer, an IT support manager, and an online services manager. Stephen holds an honours degree in Management Sciences, a PhD in Industrial and Business Studies, and is a senior member of the Australian Computer Society.

More in this category: « Nextgen Networks offers Arbor Networks DDoS protection Malicious android apps tipped to top 120,000 »
back to top


Services

Company

Community

Connect

http://bs.serving-sys.com/BurstingPipe/adServer.bs?cn=tf&c=19&mc=imp&pli=5460041&PluID=0&ord=[2000]&rtu=-1