The Trojan makes photos of Mac users
Posted: January 13th, 2009 | Tags: Malware, Security, Trojan |Recently, users of Mac-computers were in safety concerning harmful programs, now this situation starts to change. And not in the best direction. Recently founders of harmful codes are involved more and more with Apple computers, and experts on safety even more often declare the next dangerous program. So, the new Trojan horse working under OS X Tiger and Leopard, can steal the password, avoid definition, bring in a broad gull everything that users have typed and even to make their photo.
Under the statement of researchers SecureMac and Intego, the new Trojan, apparently, has set of the versions which can create real danger to users. Getting on the computer through application AStht_v06 (3.1Mb) or through AppleScript, named ASthtv05 (60Kb), Trojan AppleScript. THT operates by means of recently declared vulnerability Apple Remote Desktop Agent. Working under an account “root” or other users with full privileges, the program adds itself in System Login Items that allows it to be started automatically at each loading of the computer. Besides, it copies the body in a folder/Library/Caches/and tries to disappear from possible detection, switching off system broad gulls and opening ports of a fireproof wall of an operating system. Also the new Trojan is able to “communicate” with an external world and allows malefactors to get full access to the infected Mac-computer.
Now it is already confirmed that by means of AppleScript. THT malefactors can steal all system and user passwords, and also obtain all data typed by you. The program also is able to include possibilities on opening of folders in a network and even to do photos of the user by means of the built in chamber iSight. It is necessary to tell that the new harmful program did not remain without attention антивирусников. Researchers SecureMac and Intego have already brought it in databases of viruses, and users already now can clear of it the computers.
Leave a Reply