SecureMac has issued a security advisory that it has discovered multiple variants of a new Trojan horse in the wild that affects OS X 10.4 and 10.5.
The Trojan horse is being distributed via a hacker website where there are discussions to distribute the Trojan horse via iChat and LimeWire.
The Trojan horse is distributed as a compiled AppleScript, called ASthtv05 (60 KB) or an application, AStht_v06 (3.1 MB). The end user must download and open the Trojan horse in order for it to infect their computer.
The Trojan horse allows for remote access of the system and can transmit sensitive information, including keystrokes and passwords.
Be careful out there everyone.
Dave Barnes
June 22, 2008 at 8:19pm
that the article has no pointers to the site where I could acquire this trojan.
I would like to install it on my iMac to see what it really does as it does not sound that scary.
It would also help me test whether or not Little Snitch is actually protecting me.
Isaac McPheeters
June 21, 2008 at 2:11pm
Ah-hem. This is not a virus. Trojan horses are scripts that YOU have to activate. You get a file that looks like an MP3. It messes up your system. It's because you activated the Trojan.
Viruses are not really so much of an issue on the Mac. They don't require you to much of anything. Still, one should always beware.
FYI, one of the worsts bugs out there, the Storm worm, is a Trojan horse.
Benjamin
June 21, 2008 at 9:06am
This is incredibly disappointing, i purchased the mac this year just because of it ability to fight off stupid shit like this with out the need of a anti virus, now i have to pay 30 dollars to install this crap form an unknown company, this all fucking suspect to me, i hated windows and hated installing heavy virus scanners which usually killed the performance of the comp, so now i guess i will have the same issues here.. this is really upsetting.
I'm not the one to do conspiracy theory, but all these virus scanner companies I'm sure foaming at the mouth and spreading the word that it's time for a virus definition for the mac...i wouldn't put it pass them if they where the perpetrators of this T-horse
PSP
June 27, 2008 at 9:26am
I would like to comment that PC users have options to tighten down thier systems much like MAC users. It is often not done by default, so their systems tend to be more open. Add the fact that MAC is a much smaller target then PC, you get the disparity between the two. Websites and email vulnerabilites work the same, and unless you are educating your users not to open all kinds of stuff, they will be subject to the "pest" on the Internet. I am now managing a small office of MAC users, and I can tell you from that experience that they feel so secure in thier MAC world, that they do not think twice about running any and everything on their systems. When I tell them this is not a good idea, I get the lecture that MACs are not PCs, so they are safe from all types of vulnerabilities. Do some digging, and you will realize MACs have issues also, just on a smaller scale.
Also, it is unfair to blame Apple for this problem. There is no such thing as a secure system, unless you unplug it from the network and turn it off. Apple's Unix has a more secure architecture then Windows, but it is not impenitrable. As soon as people accept this, then adequate software can be written that will not slow down the system and cause other issues. This is my dilemma now, finding adequate Antivirus software for this team. Personal users can afford to do without, but in the business world, you only have to infect one person and you are in trouble. It isn't worth the financial cost to save $30.
Just a humble opinion on the subject.
Matías Halles
June 23, 2008 at 12:41am
As it says, the trojan needs to be executed by the user for he/she to get infected. IMHO it's a matter of paying attention when you get infected... at least on a mac :)
Just be carefull and you'll never have to deal with any virus.
Ben
June 22, 2008 at 7:58pm
If you should need anti-virus, I advise you to not pay $30. Go and download the open source ClamXAV. It's a little on the slow side, but it still works just fine. Well, everything on my aging Mac is a little on the slow side anyways...
Currawong
June 22, 2008 at 12:27am
It will only be a short while before Apple release a security update to fix this. No need to pay money for rubbish software. Anyway, this exploit requires that the user run a script. The exploit can't simply be activated by a web site or email, such as many Windows exploits.
Anonymous
June 20, 2008 at 11:20pm
Keep up the good works, by the way love yur sites and magazeens. I got so many homies lookin at yur editorial sections and goodies since the year 2000
Anonymous
June 20, 2008 at 11:14pm
Those who love technology shouldn't mess with it coz for one thing we f***k up everything we create and life is full of problems as it is. ENOUGH ALREADY WITH THE VIRUSES"!!!! These muthaF***kin' geeks and hackers and virus makers should be burning in HELL!!!!
