April 19, 2012

Kaspersky Detects Another Mac Trojan, Exploits Java and MS Office

Kaspersky LabJust after the fresh news that over 650,000 Mac computers have been infected with Trojan another Trojan was detected. According to Kaspersky Lab, a leading anti-virus software provider called SabPub or Backdoor.OSX.SabPub.a has recently been spreading through Java and might be spreading in computers when users have opened e-mail messages with suspicious links that re-direct users to the malware.

According to Alex Gostev, Kaspersky Lab’s chief security expert, “The Flashback and the SabPub Trojans are totally different. SabPub is classic backdoor Trojan, so it opens full access to a victim’s system for attackers. Flashback and its known variants is downloader and clickjacing bot, which means it conducts click fraud scam by highjacking people’s search engine results inside their web browsers.”

This latest malware has all thecapability to spread to more computers compared to Flashback Trojan.

According to Gostev in February SabPub Trojan was exploiting a MS word vulnerability, fixed long time back. SabPub’s latest version uses Java exploit to distribute infection in more effective way as the Java exploit is delivered through a drive by download when users click on malware infected URL through email.”

He also noted that SabPub is also used to attack specific targets and said, “It would seem that the attackers have an extremely select list of victims that is not very large.”


Post a Comment


Twitter Delicious Facebook Digg Stumbleupon Favorites More