Posted by: David Harley | April 19, 2010

More on that hellish Mac malware…

…that I mentioned a day or two ago at https://macviruscom.wordpress.com/2010/04/17/hellish-mac-malware/.

There’s a little more information in Graham Cluley’s blog http://www.sophos.com/blogs/gc/g/2010/04/19/mac-backdoor-trojan-horse-discovered/ and on the Sophos information page at http://www.sophos.com/security/analyses/viruses-and-spyware/osxpinheadb.html.

While there are still no reports of in-the-wild infections, Graham notes:

It does, however, appear to have been distributed disguised as iPhoto, the photo application which ships on modern Mac computers. This is clearly an attempt to fool victims via a social engineering trick into installing the malicious code on their computers.

 Kind of ironic. I was working on a presentation this morning with a slide that draws an unkind conclusion from the fact that social engineering used against Mac users almost invariably uses sex-related “hooks”. 😉

David Harley FBCS CITP CISSP
Mac Virus
Small Blue-Green World
AVIEN Chief Operations Officer
ESET Research Fellow & Director of Malware Intelligence

Also blogging at:
http://www.eset.com/blog
http://avien.net/blog/
http://smallbluegreenblog.wordpress.com/
http://blogs.securiteam.com
http://blog.isc2.org/
http://dharley.wordpress.com
http://chainmailcheck.wordpress.com
http://amtso.wordpress.com

Advertisements

Posted in David Harley, Graham Cluley, OSX/HellRTS.D, OSX/Pinhead-B, Sophos, Uncategorized | Tags: , , , , , , , , ,

«
»

Leave a Reply

Fill in your details below or click an icon to log in:

Gravatar
WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Cancel

Connecting to %s

Categories

%d bloggers like this: