Free Newsletter
Register for our Free Newsletters
Newsletter
Zones
Access Control
LeftNav
Alarms
LeftNav
Biometrics
LeftNav
Detection
LeftNav
Deutsche Zone (German Zone)
LeftNav
Education, Training and Professional Services
LeftNav
Government Programmes
LeftNav
Guarding, Equipment and Enforcement
LeftNav
Industrial Computing Security
LeftNav
IT Security
LeftNav
Physical Security
LeftNav
Surveillance
LeftNav
View All
Other Carouselweb publications
Carousel Web
Defense File
New Materials
Pro Health Zone
Pro Manufacturing Zone
Pro Security Zone
Web Lec
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
 
News

Mac OS X Trojan download warning

SecureMac : 20 June, 2008  (Technical Article)
AppleScript.THT Trojan enables remote access to victim computer with transmission of passwords and capabilities for keylogging, warns SecureMac
SecureMac has discovered multiple variants of a new Trojan Horse in the wild that affects Mac OS X 10.4 and 10.5. The Trojan Horse is currently being distributed from a hacker web site, where discussion has taken place on distributing it through iChat and Limewire.

The Trojan runs hidden on the system and allows a malicious user complete remote access to the system, can transmit system and user passwords, and can avoid detection by opening ports in the firewall and turning off system logging. Additionally, the AppleScript.THT Trojan can log keystrokes, take pictures with the built-in Apple iSight camera, take screenshots and turn on file sharing. The Trojan exploits a recently discovered vulnerability with the Apple Remote Desktop Agent which allows it to run as root.

The Trojan is distributed as either a compiled AppleScript, called ASthtv05 (60 kb in size) or as an application bundle called AStht_v06 (3.1Mb in size). The user must download and open the Trojan in order to become infected. Once the Trojan is running, it will move itself into the /Library/Caches/ folder and add itself to the System Login Items.

To protect your system against this threat, run MacScan 2.5.2 from SecureMac with the latest spyware definitions update (2008011) dated June 19th 2008. SecureMac recommends that users download files only from trusted sources and sites.
Bookmark and Share
 
Home I Editor's Blog I News by Zone I News by Date I News by Category I Special Reports I Directory I Events I Advertise I Submit Your News I About Us I Guides
 
   © 2012 ProSecurityZone.com
Netgains Logo