Drive-by downloads danger from new Mac Trojan: Symantec

by Stephen Withers

Tuesday, 24 June 2008

Page 1 of 3 ! A new Trojan targeting Mac OS X poses a drive-by download threat to users, according to a senior manager at security vendor Symantec. Two new Trojans that could compromise the security of Mac OS X were reported yesterday and more information on one of them has come to light. The recently reported Mac Trojan, Astht (aka Hovdy),  could be combined with drive-by download techniques for surreptitious installation without the user having to explicity launch the malware, Robert Pregnall, senior manager of Symantec's endpoint security business, has warned. However, to date no known exploits have occurred, another Symantec spokesperson later added. The term 'drive-by download' refers to exploits that silently download and install software (often from trusted web sites that have been compromised) without the user's knowledge. Flaws in Flash or other browser plugins could be exploited to launch the script on Mac OS X, Pregnall suggested. Such exploits appear to be rare, so as with previous Mac OS X "virus" scares, the problem is getting people to run the code in the first place. "Like many Windows attacks, this Mac Trojan horse relies on the user giving it permission to install itself. Using social engineering techniques, the Trojan horse could be disguised as a game, a video codec, or a handy new utility," said Carole Theriault, senior security consultant at Sophos. "Sadly, many Mac users are just as willing as their Windows-based cousins to install a program without careful thought as to safety. We are not witnessing a large scale attack by this Trojan, but it is worrying to see yet more hackers turning their malevolent gaze to the Mac platform." What more has been learned about the Trojan? Please read on. << First page <   1 2 3 Next page > Last page - Post your comment >>

 

< Next story in category		Previous story in the category >

Visitors last 30 days Suscribers

904,266 13,751