Posted by: David Harley | November 1, 2011

Infosecurity blog and malware descriptions update

Sometimes things move pretty fast in anti-malware, even in the sparsely-populated Mac threatscape. Last week I submitted an article to the Infosecurity Magazine blog on OSX/Tsunami, a low-prevalence/low-risk port of elderly Linux malcode to a Mach-O binary. It was interesting at the time (well, it still is) because it seems to offer some insight into an attack under development, but in the few days between submission and publication, the much more sophisticated Devilrobber has turned up out of the blue. Still less than apocalyptic, but technically very interesting.

Still, the article is a reasonable vendor-neutral summary (well, I think so) with some commentary.

Also, the Mac Virus malware descriptions page has been updated to include information and resources for both Tsunami and Devilrobber. I’ll now patiently wait for the fanboi abuse for daring to suggest that low-prevalence OS X malware is worth mentioning…

David Harley CITP FBCS CISSP
Mac Virus/AVIEN/Small Blue-Green World
