Share this Article

Silent Mac trojan found, watch out

Facebook
Twitter
LinkedIn

Mac trojan

Mac Virus Found

Macs, long touted by Apple to be the safest and most secure computers available have been coming under increasing attack lately, with a growing number of Mac specific malware infecting systems. This has caught many users off guard and they have been scrambling to ensure their systems are secure. There is a new threat that could cause trouble for Mac users.

Dubbed OSX/Crisis, this malware has just been discovered, and it’s an interesting one.

OSX/Crisis silently infects Mac users regardless of their status. If a user visits a website it is hosted on, or downloads an attachment with the malware attached, it will install itself without letting the user know.

As Mac users know, there are two types of users: Admin and non-admin. Admin users have rights to install and delete files, while non-admin don’t. Typically, if a user install something they have to enter an admin password to complete the install. OSX/Crisis doesn’t ask for this permission, meaning the user won’t even know they’ve been infected.

When the trojan is installed, it opens a backdoor to your computer, so a hacker can quickly and easily enter your computer without you noticing, or having to log in. The disturbing thing about OSX/Crisis is it installs different files depending on the user’s access privileges, giving hackers access to the computer regardless of authority of the user.

Intego.com, the company that found the malware has noted that there have been no cases of this malware in users. While it isn’t out there yet, chances are highly likely that it will be soon. The company also noted that it only works on OSX versions 10.6 and 10.7, earlier versions and the new version, 10.8 won’t allow it to install itself.

If you use Macs in your office, you should take precautionary steps by installing virus scanners, ensuring they’re up-to-date and conducting scans on a scheduled basis. To learn more about this threat and other security issues, please contact us.

Published with permission from TechAdvisory.org.