• Another Mac Trojan Discovered Hiding in Microsoft Office




    The Flashback Trojan dominated headlines, news feeds, and Twitter feeds over the last couple weeks as the revelation that Macs can be affected by malware, viruses, and other exploits blew the collective mind of the country. Expect the trend of shocked consumers to continue as another Mac Trojan has been identified.

    The new Mac-specific trojan is called Backdoor.OSX.SabPub.a and is spreading because of a vulnerability in Microsoft Office for Mac. The already month-old trojan uses a Java exploit (don't they all?) to get get around malware protection software. Once installed it connects to a command and control server hosted on a server in California. The Trojan spreads through infected Office documents actively searching through documents. What for? This isn't known yet.

    The SabPub exploit actually has one other variant created at an earlier time. An interesting bit, the word document that spread the trojan was named "10th March Statement" which directly linked with the Dalai-Lama and Tebetan Community. The Dalai-Lama released a special statement on March 10, 2011 in honor of the Anniversary of the Tibetan People's National Uprising Day.

    This is further evidence that the popularity of OSX, and Apple's success is beginning to warrant the creation of OSX specific viruses, and malware attacks. The honeymoon was bound to end.

    Source: Securelist
  • Connect With Us

  • Twitter Box

  • Facebook