Another Mac Trojan Detected

Another Mac Trojan Detected, Potentially Bigger Than the First

“Fresh off the news that more than 650,000 Mac computers have been infected with a nasty Trojan horse virus called “Flashback,” another Apple threat is on the prowl.

According to anti-virus software provider Kaspersky Lab, a Trojan called SabPub — or more formally, Backdoor.OSX.SabPub.a — has recently been spreading via Java and could be infecting computers when people open email messages with suspicious links that direct users to malware.

“The Flashback and the SabPub Trojans are totally different,” Alex Gostev, chief security expert of Kaspersky Lab, told Mashable. “SabPub is classic backdoor Trojan, so it opens full access to a victim’s system for attackers. Flashback and its known variants is downloader and clickjacking bot, which means it conducts click fraud scam by hijacking people’s search engine results inside their web browsers.”

That said, the latest malware has the potential to reach far more computers than the Flashback Trojan.

“The latest version of the SabPub Trojan can infect more people than previous versions of this malware, which appeared earlier this year,” Gostev said. “In February, SabPub was exploiting a Microsoft Word vulnerability, which was fixed long time ago. The latest version of SabPub uses the Java exploit to spread infection in a more effective way because the Java exploit is delivered via a drive by download, which occurs when people click on URLs with malware via email.”

Gostev also noted that SabPub is also being used to attack specific targets: “It would seem that the attackers have an extremely select list of victims that is not very large.”

Although Mac users may think they are safe from viruses, Kaspersky Lab noted that before 2012 about 300 variants of Mac malware had been detected. Now, however, more than 70 have been detected in the past three months.”

Read the full article: Click here