Security news23 June 2008
Sophos warns Apple Mac users not to be complacent about security as new Trojan horse surfaces
Experts at SophosLabs, Sophos's global network of virus, spyware and spam analysis centers, have issued a warning advising Apple Mac users to ensure they are taking sufficient precautions to safeguard their computers, as a new Trojan horse for the Mac OS X platform is discovered.
TheOSX/Hovdy-A Trojan horse is capable of infecting Mac OS X computers, in an attempt to steal passwords, open firewall to give access to hackers, and disable security settings.
"It's true that Mac OS X computers are far less commonly targeted than Windows PCs by hackers and malware authors, but that doesn't mean that Apple lovers can rest on their laurels and disregard common sense when it comes to securing their computers," said Carole Theriault, senior security consultant at Sophos. "In the last twelve months, we have seen growing evidence that cybercriminals are looking increasingly for opportunities to hack into Mac computers for financial gain. Although the problem is much smaller than on Windows, Mac users would still be wise to ensure that they run an anti-virus, keep up-to-date with security patches, and to exercise care as to which programs they choose to install on their computers."
The Hovdy-A Trojan horse takes advantage of a recently publicised vulnerability in Apple's Mac OS X operating system, affecting its Apple Remote Desktop Agent (ARDAgent), to gain root access. Once a computer has been exploited, the hacker can gain complete control of the compromised Macintosh - covering its tracks by disabling system logging.
"Like many Windows attacks, this Mac Trojan horse relies on the user giving it permission to install itself. Using social engineering techniques, the Trojan horse could be disguised as a game, a video codec, or a handy new utility. Sadly, many Mac users are just as willing as their Windows-based cousins to install a program without careful thought as to safety," continued Theriault. "We are not witnessing a large scale attack by this Trojan, but it is worrying to see yet more hackers turning their malevolent gaze to the Mac platform."
Free virus scan
- Free virus, spyware, and adware scan
- Test your existing anti-virus protection
- Find threats your anti-virus missed
About Sophos
More than 100 million users in 150 countries rely on Sophos as the best protection against complex threats and data loss. Sophos is committed to providing security and data protection solutions that are simple to manage, deploy and use and that deliver the industry's lowest total cost of ownership. Sophos offers award-winning encryption, endpoint security, web, email, and network access control solutions backed by SophosLabs - a global network of threat intelligence centers. With more than two decades of experience, Sophos is regarded as a leader in security and data protection by top analyst firms and has received many industry awards.
Sophos is headquartered in Boston, US and Oxford, UK. More information is available at www.sophos.com.
