Spyware Sucks
“There is no magic fairy dust protecting Macs” – Dai Zovi, author of “The Mac Hacker’s Handbook”

OSX.Trojan.PokerStealer Trojan Horse

June 23rd 2008 in Uncategorized

Information courtesy of Intego, a company specializing in security products for the Mac.

Intego has released a security memo describing a trojan horse for the Mac – a poker game that, when run, harvests the victim’s username, password and IP address, transmits them to a server, and enables ssh on the victim’s Mac. As noted by Intego, once ssh is enabled, the attacker can “attempt to take control of [the Mac], delete files, damage the operating system, or much more”.

The poker game is an effective example of social engineering, and demonstrates that any of us, whether a Windows or Mac user, can be tricked into handing over our username and password. The existence of the software is worth publicizing in the hope that it will make all of us stop and think the next time we are asked to enter our admin password when installing software.

Already I am reading about comments deriding Intego’s “financial incentive for discovering and reporting” on Mac-specific trojan horses and whatnot. Those making such comments are not doing anybody any favours and, to be honest, they need to get over themselves. Yes, Intego can gain a financial benefit from such publicity – after all, they sell security software for the Mac – but the reality is that the malicious software is out there, and it is a good example of an effective mechanism for tricking Mac users.

Screenshot:

PokerGame

