Posted by: David Harley | November 1, 2011

Infosecurity blog and malware descriptions update

Sometimes things move pretty fast in anti-malware, even in the sparsely-populated Mac threatscape. Last week I submitted an article to the Infosecurity Magazine blog on OSX/Tsunami, a low-prevalence/low-risk port of elderly Linux malcode to a Mach-O binary. It was interesting at the time (well, it still is) because it seems to offer some insight into an attack under development, but in the few days between submission and publication, the much more sophisticated Devilrobber has turned up out of the blue. Still less than apocalyptic, but technically very interesting.

Still, the article is a reasonable vendor-neutral summary (well, I think so)  with some commentary.

Also, the Mac Virus malware descriptions page has been updated to include information and resources for both Tsunami and Devilrobber. I’ll now patiently wait for the fanboi abuse for daring to suggest that low-prevalence OS X malware is worth mentioning…

Mac Virus/AVIEN/Small Blue-Green World

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.


%d bloggers like this: