Jump to content


New targeted Mac OS X Trojan requires no user interaction

  • Please log in to reply
No replies to this topic

#1 TheSentinel


    The man in the dark

  • General Admin
  • 30,417 posts

Posted 15 April 2012 - 07:28 PM

New targeted Mac OS X Trojan requires no user interaction

By Emil Protalinski | April 14, 2012, 12:44pm PDT

Summary: A new Mac OS X Trojan referred to as Backdoor.OSX.SabPub.a or SX/Sabpab-A is also exploiting Java vulnerabilities in a way that requires no user interaction. It is being used in targeted attacks.

Another Mac OS X Trojan has been spotted in the wild; this one exploits Java vulnerabilities just like the Flashback Trojan. Also just like Flashback, this new Trojan requires no user interaction to infect your Apple Mac. Kaspersky refers to it as ?Backdoor.OSX.SabPub.a? while Sophos calls it at ?SX/Sabpab-A.?

After infecting a given Mac, this Trojan is like most: it connects to a remote website using HTTP in typical command and control (C&C) fashion to fetch instructions from remote hackers telling it what to do. The backdoor contains functionality to take screenshots of the user?s current session, upload and download files, as well as execute commands remotely on the infected machine. Encrypted logs are sent back to the control server, so the hackers can monitor activity.