  1. #1
    DF Super Moderator
    evilsatan's Avatar

    Info Macs Not As Safe As You May Think After New Screenshot-Taking Malware Found

    Many Mac users operate under the assumption that they are impervious to viruses and malware, but as we are finding more and more these days, that’s not strictly true. A new piece of malware has recently been found that appears to take screenshots of a user’s desktop which are then saved to a folder in the user’s Home directory.

    The malware masquerades as an app called macs.app which starts each time the Mac boots up. It then appears to take screenshots and save them to a folder called MacApp.



    According to the security researcher that found the malware, the malware is associated with two command and control servers. Both securitytable.org and docsforum.info appear to be related to macs.app, though one is offline and the other offers a ‘public access forbidden’ message when accessed. It’s not yet known where the malware originated, but interestingly it is signed by a registered Mac developer going by the name of Rajendar Kumar.

    Apple’s app signing process is supposed to prevent situations like this, though it’s obviously doubtful that this developer is legit. The name is similar to a famous Bollywood actor that recently passed away, prompting suggestions that the name of the developer may be a reference to the late actor.
    This bit of malware is somewhat unique in that it is signed with what appears to be a valid Apple Developer ID associated with the name Rajender Kumar. Though not an uncommon name, this may be a reference to the late Bollywood actor of a similar name. Regardless, the use of the ID appears to be an attempt to bypass Apple’s Gatekeeper execution prevention technology.

    Currently, it is being investigated where the malware originated and although it does not appear to be widespread at this point, people are reminded that removing the app from the list of startup items all but removes the risk posed by macs.app.



    Apple can be either particularly quick, or particularly slow when offering up security fixes, so we’ll just have to wait and see which it is this time around. The seemingly small nature of the attacks caused by this malware may see Apple put it on the back burner so close to WWDC. Whether it should do such a thing or not is entirely debatable.
    (via: Cnet)

    Source
    Last edited by evilsatan; 17th May 2013 at 09:59 AM.
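
A defender's sweep for the indicators named in the post above (the macs.app bundle, the MacApp folder in the Home directory, and the two server names), as an added example that is not part of the original post or the researcher's tooling. The function names, the log line format and SAMPLE_LOG are constructed for illustration, and searching the whole Home directory for the bundle is an assumption, since the post does not say where the app is installed.

```python
import os
import re

# Indicators taken from the post above.
APP_NAME = "macs.app"
SHOT_DIR = "MacApp"
C2_DOMAINS = ("securitytable.org", "docsforum.info")

# Pulls whole hostnames out of a log line so that matching is done on
# complete names rather than on substrings.
HOST_RE = re.compile(r"\b((?:[a-z0-9-]+\.)+[a-z]{2,})\b", re.I)

# Constructed sample of DNS query log lines (format is hypothetical).
SAMPLE_LOG = [
    "2013-05-17T09:01:02 query A www.apple.com",
    "2013-05-17T09:01:05 query A securitytable.org",
    "2013-05-17T09:01:09 query A notsecuritytable.org",
    "2013-05-17T09:01:12 query A cdn.docsforum.info",
]

def scan_home(home):
    """Return (kind, path) findings under one user's Home directory."""
    findings = []
    shots = os.path.join(home, SHOT_DIR)
    if os.path.isdir(shots):
        findings.append(("screenshot_folder", shots))
    for root, dirs, _files in os.walk(home):
        for d in list(dirs):
            # Case-insensitive compare: assumes a default macOS volume.
            if d.lower() == APP_NAME:
                findings.append(("app_bundle", os.path.join(root, d)))
                dirs.remove(d)  # no need to descend into the bundle
    return findings

def scan_log(lines):
    """Return (line_number, host) for lookups of a listed domain or subdomain."""
    hits = []
    for n, line in enumerate(lines, 1):
        for host in HOST_RE.findall(line):
            h = host.lower()
            if any(h == d or h.endswith("." + d) for d in C2_DOMAINS):
                hits.append((n, h))
    return hits

if __name__ == "__main__":
    for kind, path in scan_home(os.path.expanduser("~")):
        print(kind, path)
    for n, host in scan_log(SAMPLE_LOG):
        print("log line", n, host)
```

A hit from `scan_home` only shows that a file or folder with a matching name exists; confirm against the startup items list before treating the machine as infected.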

