Susie Ochs's picture

Trojan Horses on Mac OS X

 We briefly mentioned this on Monday, but there's more info about the Mac OS X Trojan horses recently sighted.  One of them, seen in the wild, is disguised as a Mac program called If you type in your administrator password at the prompt, the hacker will be able to remotely access your Mac through a SSH tunnel. But another Trojan, so far just a proof of concept, actually gives the hacker root access, via an ARDAgent vulnerability in the operating system.  This has naturally led to more concern about the rising threat of Mac OS X malware, and we're sure to hear more about it as the Mac platform becomes more and more popular. Prominent hacker Dino Dai Zovi offers some suggestions for Apple to put better malware protection into Snow Leopard. Until then (and even after then, of course), it's up to everyone to stay vigilant.

Roberto Baldwin's picture

  SecureMac has issued a security advisory that it has discovered multiple variants of a new Trojan horse in the wild that affects OS X 10.4 and 10.5. The Trojan horse is being distributed via a hacker website where there are discussions to distribute the Trojan horse via iChat and LimeWire. The Trojan horse is distributed as a compiled AppleScript, called ASthtv05 (60 KB) or an application, AStht_v06 (3.1 MB). The end user must download and open the Trojan horse in order for it to infect their computer. The Trojan horse allows for remote access of the system and can transmit sensitive information, including keystrokes and passwords. Be careful out there everyone.   

Anonymous's picture

Give Your Mac The Finger

Computer security is no laughing matter. Even Average Joes should be concerned about the imminent threat of a security breach. We take it for granted that our computers, both desktop and notebook, contain a lot of personal information. Photos, letters, tax documents, projects, etc. So what can you do?