Real Mac nerds have always known that Apple’s Macintosh has no special immunity to viruses and worms—it’s just that the greater malware community has historically spent its time exploiting Windows. However, as the Mac has resurged in popularity, it was only a matter of time before serious malware began to target the Mac—and a new trojan reported by SecureMac may be the tip of the iceberg.
SecureMac claims to have discovered multiple variations on an AppleScript-based trojan horse it has dubbed AppleScript.THT. The trojan exploits a recently reported vulnerability in Apple’s Apple Remote Desktop technology that can grant a malicious program root access to the system. If a user executes the trojan, an attacker can essentially gain complete control of the user’s Mac OS X system, including the abiity to capture system and user passwords, altering firewall settings, log keystrokes, take screenshots, turn on file sharing, and even take pictures with the iSight cameras built into many notebook and iMac models. SecureMac claims the Trojan is being distributed as both a compiled AppleScript or as an application bundle; in order for the trojan to take over a system, a user has to manually run it…at which point it adds itself to the system login items.
SecureMac says it has updated its MacScan product to detect and remove the trojan; other Mac security vendors are expected to follow suit in short order. Security developer Intego&dmash;which has caught flak in the past for brazenly capitalizing on supposed Mac security threats—has also updated its VirusBarrier product and issued an advisory on the vulnerability.
Editors' Recommendations
- Best refurbished MacBook deals: Get a MacBook Air for $140 and more
- Best MacBook deals: Get an Air for $605 and save on M3 MacBook Pro
- iMac deals: New, renewed and refurbished iMac computers
- How to create a Smart Folder on a Mac
- How to change the login picture on a Mac