Apple Macintosh Flashback Trojan Sabpab

  • Comments Comments: 2
  • OTA Views: 9,010
  • SaveSave
  • Update Updated: Dec. 24, 2014 2014-12-24T00:05:24
  • Date Posted: Apr. 17, 2012

MAC users though that their computers were immune to viruses, malwares and trojans. But these dangerous software program infections have been rising steadily over the past few years on the MAC /OS. There is a new trojan called Sabpab, which exploits unpatched Mac OS/X Java and Microsoft Word vulnerabilities.

Apple Macintosh Flashback Trojan Sabpab

The Microsoft Word exploit is called "LuckyCat" which allows malware to be spread via documents. The Mac OS/X Java exploit infects your computer if you should go to a web page that has the trojan. While on the page, the trojan will install itself without prompting you or giving you any indication that its being installed.

This trojan can allow a hacker to take remote control of your computer and use it maliciously or/and steal your information.

This is how the trojan behaves according to Symantec.com:

1. When the Trojan starts running, it creates the following file so that it executes whenever the victim's computer starts:
/Users/[USER NAME]/Library/ LaunchAgents/com .apple.PubSabAgent.plist

2. It creates the following file:
/Users/[USER NAME]/ Library/Preferences /com.apple.PubSabAgent.pfile

3. It connects to the following location and opens a back door on the victim's computer:
[http://]rtx556.onedumb.com

4. It may allow a remote attacker to perform the following actions on the victim's computer:

5. Download other malicious  files to the victim's computer
6. Take screenshots of your computer screen
7. Upload information is has gathered to a remote computer

Mac users should ensure that an anti-virus software is installed and updated daily.

For a patch update, please see go to:

http://support.apple.com/ kb/DL1516

Check the comment section below for additional information, share what you know, or ask a question about this article by leaving a comment below. And, to quickly find answers to your questions, use our search Search engine.

Note: Some of the information in samples on this website may have been impersonated or spoofed.
Was this article helpful?  +
  • YesLike (1)
  •       
  • NoDislike (0)   
Share this with others:
Facebook
WhatsApp
Twitter
Reddit
Pinterest
Line Me
Save

DonateHelp maintain Online Threat Alerts (OTA) by clicking here.

Comments, Questions, Answers, or Reviews

Comments (Total: 2)

To protect your privacy, please do not post or remove sensitive information in or from your comments, questions, or reviews. NB: We will use your IP address to display your approximate location to other users when you make a post. That location is not enough to find you.

Your comment, answer, or review will be set as anonymous because you are not signed in. An anonymous comment, answer, or review cannot be edited or deleted, therefore, review it carefully before posting. Sign-in.

The comments, reviews or answers below do not necessarily reflect the views of Online Threat Alerts (OTA).

  • April 30, 2012 at 6:00 PM by an anonymous user

    I use to hate when people say that MACs were virus proof. Every programmable device can be infected with a virus.

  • April 18, 2012 at 6:46 PM by an anonymous user

    Macs users it is your turn

Comments Show More Comments (1)

Write Your Comment, Question, Answer, or Review

Online Threat Alerts (OTA)

Apple Macintosh Flashback Trojan Sabpab