Dastardly duo of Mac OS X Trojan threats on the loose in the wild
by Stephen Withers
Monday, 23 June 2008

Having fooled the user into running the malware in the first place, PokerGame then attempts to trick the user for a second time, claiming that an admin password is needed to repair a corrupt preference file.

Think about it: firstly, you're running a program for the first time, which means it will create a preference file rather than reading an existing one. Secondly, application preference files are customarily stored within the user's own home folder, where admin rights are not needed.

PokerGame starts the ssh (secure shell) service and sends your IP address, username and password hash to a server. While knowledge of the hash doesn't immediately allow an attacker to break into the computer, dictionary-based methods can find the corresponding password in a surprisingly short period of time if it is a normal word.

Once the password has been cracked, the bad guys can use ssh to log into the target Mac and do pretty much what they like, including copying or deleting files, or encrypting documents and then holding them to ransom.

So what's the other new Trojan? Find out on page 2.








