  • Recently Discovered Mac Malware Captures and Uploads Screenshots without Permission


    Earlier this week, new Mac spyware was discovered on a computer at the Oslo Freedom Forum, an annual human rights conference. Found by computer security researcher Jacob Appelbaum, the malware, which has been deemed OSX/KitM.A, is currently being investigated by the anti-virus company F-Secure, according to CNET.

    The malware is a backdoor application named “macs.app” which automatically launches upon login and captures screenshots that it then sends to a MacApp folder in the user’s home directory. Two command-and-control servers, located at securitytable.org and docsforum.info, are associated with the malware. One doesn’t function, though, and the other gives a “public access forbidden” message.

    Interestingly enough, the malware is signed with an Apple Developer ID, which is designed to prevent the installation of malware. Apps that are unsigned are blocked by default by Apple’s Gatekeeper security option. According to the folks at CNET:

    This bit of malware is somewhat unique in that it is signed with what appears to be a valid Apple Developer ID associated with the name Rajender Kumar. Though not an uncommon name, this may be a reference to the late Bollywood actor of a similar name. Regardless, the use of the ID appears to be an attempt to bypass Apple's Gatekeeper execution prevention technology.
    As of right now, F-Secure is looking into the origin of the malware. Though it doesn’t appear to be widespread, it can be mitigated by removing the macs.app program from the login menu. The Cupertino, California company generally tends to address malware threats rather quickly, and it has the ability to revoke the developer ID to further limit the spread of the software. The issue will likely be taken care of in the near future.

    Source: F-Secure via CNET
    This article was originally published in forum thread: Recently Discovered Mac Malware Captures and Uploads Screenshots without Permission, started by Akshay Masand
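The indicators the article names (the macs.app bundle, the MacApp folder in the home directory, launch at login, and the two command-and-control domains) can be checked with a short sweep. This is an added example, not code from F-Secure, CNET or the original post; the function names, the script name kitm_sweep.sh, and the assumption that the login entry shows up as a System Events login item are not from the article.

```shell
#!/bin/sh
# Added example: indicator sweep for OSX/KitM.A. Indicator values (macs.app, the
# MacApp folder, the two C2 domains) are from the article; function names are
# assumptions made for this example.

KITM_APP='macs.app'
KITM_DIR='MacApp'
# Either C2 domain or a subdomain of it, bounded so that look-alike names such as
# notsecuritytable.org or docsforum.info.example.com do not match.
KITM_C2='(^|[^A-Za-z0-9.-])([A-Za-z0-9-]+\.)*(securitytable\.org|docsforum\.info)\.?([^A-Za-z0-9.-]|$)'

# On-disk indicators under the home directory given as $1.
kitm_scan_home() {
  # Screenshot folder the article describes, directly in the home directory.
  if [ -d "$1/$KITM_DIR" ]; then printf 'folder\t%s\n' "$1/$KITM_DIR"; fi
  # The backdoor bundle, wherever it was copied (depth-limited).
  find "$1" -maxdepth 4 -type d -iname "$KITM_APP" 2>/dev/null |
    while IFS= read -r p; do printf 'bundle\t%s\n' "$p"; done
}

# Login-item names on stdin, one per line; prints the ones that are the backdoor.
kitm_scan_login_items() { grep -i -x -E 'macs(\.app)?' || true; }

# DNS/proxy log lines on stdin; prints the ones that name a C2 host.
kitm_scan_c2() { grep -i -E "$KITM_C2" || true; }

# Run on the Mac being checked: sh kitm_sweep.sh --sweep
if [ "${1:-}" = "--sweep" ]; then
  kitm_scan_home "$HOME" | while IFS="$(printf '\t')" read -r kind path; do
    printf '%s\t%s\n' "$kind" "$path"
    # Show who signed a found bundle (the article reports a Developer ID signature).
    if [ "$kind" = bundle ]; then codesign -dvv "$path" 2>&1 | grep '^Authority='; fi
  done
  osascript -e 'tell application "System Events" to get the name of every login item' |
    tr ',' '\n' | sed 's/^ *//' | kitm_scan_login_items |
    while IFS= read -r n; do printf 'login-item\t%s\n' "$n"; done
fi
```

A MacApp folder or a single log hit is a lead to investigate rather than proof of infection, since other software may use the same folder name.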
    9 Comments
      *T* -
      Deem: to regard or consider in a specified way.
      TimInMass -
      When are people going to realize Macs aren't immune to malware?
      vinaygoel2000 -
      Originally posted by TimInMass:
      When are people going to realize Macs aren't immune to malware?
      Who said Macs are immune to malware? It's just 1 vs 1,000. More malware is developed for Windows just because the number of Windows users is >> number of Mac users.
      dsg -
      Originally posted by TimInMass:
      When are people going to realize Macs aren't immune to malware?
      When are Windows users going to stop saying Mac users are ignorant to the facts?
      ThatOneProfile -
      This is one of the reasons I will continue to stick with iOS. Although it is very controlled, I like the protections that it has. OS X is more open to malware.
      keenpois0n -
      I wonder if PC dedicated sites report every virus or malware found for PCs.
      luvmytj -
      Originally posted by dsg:
      When are Windows users going to stop saying Mac users are ignorant to the facts?
      Amen brother... it never ends.
      vinaygoel2000 -
      Originally posted by keenpois0n:
      I wonder if PC dedicated sites report every virus or malware found for PCs.
      I don't think so. Maybe only major ones.

      I'm a Windows user by the way but not subscribed to any Windows forum.
      camxposure -
      Just when the Pentagon gave iOS 6 the go ahead....

      @ No one said MACs were immune to malware, they are immune to viruses for the PC.
      Nowadays all you have to do is hit a period or go to a site and you're vulnerable to attack.