Macs hit with another widespread malware

Macs hit with another widespread malware
Security firm Sophos has announced today the discovery of another widespread malware attacking Mac computers.

Dubbed "Sabpab," the threat uses the same Java vulnerability that the Flashback botnet exploited last month in creating 650,000 Mac zombies.



Sophos says you can check to see if you have been infected by searching for the following files:

/Library/Preferences/com.apple.PubSabAgent.pfile

/Library/LaunchAgents/com.apple.PubSabAGent.plist


Sabpab has been described as a "basic backdoor Trojan horse" which allows control servers to execute commands remotely on infected Macs.

Apple has already patched the vulnerability and the new trojan is not as widespread as Flashback was, but still remains a threat if you have not updated.



Written by: Andre Yoskowitz @ 13 Apr 2012 19:15
Tags
malware botnet Trojan sabpab
Advertisement - News comments available below the ad
  • 12 comments

  • GryphB

    Here's another HAHA in Apples face.

    13.4.2012 22:13 #1

  • iamgq

    Does anyone know the time difference between the north and south pole?

    True thug Afterdawn memeber since 05! Shout out to all those old school member still in the ranks of Newbie! Represent!

    14.4.2012 13:10 #2

  • ddp

    6 months.

    14.4.2012 13:26 #3

  • LordRuss

    I would say 85% of Apple users don't even know how to check these files, let alone the process of getting rid of the thing.

    Yes, yes, I realize a 'patch' has been released, but this will only serve as a new backdoor function for a more devious attack here in the next week or so.

    Way to go Apple software engineers. Welcome to our PC nightmare.

    http://onlyinrussellsworld.blogspot.com

    14.4.2012 14:45 #4

  • xnonsuchx

    TIP: Don't go to questionable websites, which often end up being websites to get "free stuff". Maybe the cheapos looking for such stuff deserve an infection.

    15.4.2012 18:18 #5

  • Jimathome

    But that's impossible Macs can't get viruses they're infallible, it must just be propaganda from Seattle !

    16.4.2012 11:45 #6

  • biver

    Hopefully this continues...Less malware for pc's

    16.4.2012 13:27 #7

  • Mez

    Originally posted by xnonsuchx: TIP: Don't go to questionable websites, which often end up being websites to get "free stuff". Maybe the cheapos looking for such stuff deserve an infection. You are an ignoramus!

    Yes, you are not completely wrong those sites are more likely to infect than facebook. Reality is the malware infections comes from adds before they get to the host site. The better sites have better policing of their adds but I assure you you can get infected from any site that has adds. If you mouseover an infected add in facebook it can grab all your personal info stored on facebook.

    Yes, often free software has a secret bonus package for you.

    20.4.2012 10:11 #8

  • salsa36

    How do you get this crap? All of my Macs are working perfectly!!
    Is it Norton trying to sell something?

    20.4.2012 23:21 #9

  • LordRuss

    Originally posted by salsa36: How do you get this crap? All of my Macs are working perfectly!!
    Is it Norton trying to sell something?     Norton has been accused of that in the past. No doubt about it, but the last time I heard about that kind of dissension was something like 1998. And it really wasn't necessarily for the real reasons people thought it was for.

    I think it was the first steps in creating what we know as heuristic protection now, but it was a hard sell at the time & I'm certainly not selling it to the Apple folks now. They'll basically have to fend for themselves if they don't start taking this nonsense seriously.

    Their "genius'" are only so smart & are only going to be able to keep up with so many 'patches' before the code boners spooges themselves into a lather that floats Apple away into the unknown.

    Face it. You (Apple) have now become a target like the rest of us & worthy of negative attention. That's where virus' come from. Not Apple specific wunder-code. putz...

    http://onlyinrussellsworld.blogspot.com

    21.4.2012 09:14 #10

  • pmshah

    I have analogy for this.

    IRA attempted to assassinate Maggie but fortunately for her she got tied up with some urgent matter of the state and was not at the location where IRA conducted the raid. They left a note behind for her. It read something like ....

    "You have to be lucky every time, we have to be lucky only once"

    I would say this holds true for the malware / virus also.

    23.4.2012 02:43 #11

  • LordRuss

    Originally posted by pmshah: "You have to be lucky every time, we have to be lucky only once" I like it...

    http://onlyinrussellsworld.blogspot.com

    23.4.2012 12:52 #12

© 2024 AfterDawn Oy

Hosted by
Powered by UpCloud