Apple Macintosh Flashback Trojan Sabpab

  • Save
  • Comments: 2
  • Views: 9,009
  • Updated: December 24, 2014 2014-12-24T00:05:24
  • Date: April 17, 2012
 +
Apple Macintosh Flashback Trojan Sabpab

Would you share this Article with others?

  • Yes (1)
  •       
  • No (0)   

MAC users though that their computers were immune to viruses, malwares and trojans. But these dangerous software program infections have been rising steadily over the past few years on the MAC /OS. There is a new trojan called Sabpab, which exploits unpatched Mac OS/X Java and Microsoft Word vulnerabilities.

The Microsoft Word exploit is called "LuckyCat" which allows malware to be spread via documents. The Mac OS/X Java exploit infects your computer if you should go to a web page that has the trojan. While on the page, the trojan will install itself without prompting you or giving you any indication that its being installed.

This trojan can allow a hacker to take remote control of your computer and use it maliciously or/and steal your information.

This is how the trojan behaves according to Symantec.com:

1. When the Trojan starts running, it creates the following file so that it executes whenever the victim's computer starts:
/Users/[USER NAME]/Library/ LaunchAgents/com .apple.PubSabAgent.plist

2. It creates the following file:
/Users/[USER NAME]/ Library/Preferences /com.apple.PubSabAgent.pfile

3. It connects to the following location and opens a back door on the victim's computer:
[http://]rtx556.onedumb.com

4. It may allow a remote attacker to perform the following actions on the victim's computer:

5. Download other malicious  files to the victim's computer
6. Take screenshots of your computer screen
7. Upload information is has gathered to a remote computer

Mac users should ensure that an anti-virus software is installed and updated daily.

For a patch update, please see go to:

http://support.apple.com/ kb/DL1516

Note: Some of the names, addresses, email addresses, telephone numbers or other information in samples on this website may have been impersonated or spoofed.

Please share what you know or ask a question about this article by leaving a comment below. Check the comment section below for additional information, if there is any. Remember to forward suspicious, malicious, or phishing email messages to us at the following email address: info@onlinethreatalerts.com. And, report missing persons, scams, untrustworthy, or fraudulent websites to us. Tell us why you consider the websites untrustworthy or fraudulent. Also, to quickly find answers to your questions, use our search engine.

You can help maintain Online Threat Alerts (OTA) by paying a service fee. Click here to make payment.

Comments, Questions, Answers, or Reviews
(Total: 2)

To help protect your privacy, please do not post or remove, your full name, telephone number, email address, username, password, account number, credit card information, home address or other sensitive information in or from your comments, questions, or reviews.

The comments, reviews or answers below do not necessarily reflect the views of Online Threat Alerts (OTA).

  • April 30, 2012 at 6:00 PM by an anonymous user

    I use to hate when people say that MACs were virus proof. Every programmable device can be infected with a virus.

    remove

  • April 18, 2012 at 6:46 PM by an anonymous user

    Macs users it is your turn

    remove

 Show More Comments (2)
Write Your Comment, Question, Answer, or Review
Write your comment, question, answer, or review in the box below to share what you know or to get answers. NB: We will use your IP address to display your approximate location to other users.
Your comment, question, answer, or review will be posted as an anonymous user because you are not signed in. Anonymous posts cannot be edited or deleted. Sign-in.

Online Threat Alerts (OTA)

Apple Macintosh Flashback Trojan Sabpab