Online Threat Alerts (OTA)
An anti-cybercrime community alerting the public.

Apple Macintosh Flashback Trojan Sabpab

Mac users thought that their computers were immune to viruses, malware and trojans. But these dangerous software infections have been rising steadily over the past few years on Mac OS. There is a new trojan called Sabpab, which exploits unpatched Mac OS X Java and Microsoft Word vulnerabilities.


The Microsoft Word exploit is called "LuckyCat", which allows malware to be spread via documents. The Mac OS X Java exploit infects your computer if you go to a web page that hosts the trojan. While you are on the page, the trojan installs itself without prompting you or giving you any indication that it is being installed.

This trojan can allow a hacker to take remote control of your computer and use it maliciously and/or steal your information.

This is how the trojan behaves according to Symantec.com:

1. When the Trojan starts running, it creates the following file so that it executes whenever the victim's computer starts:
/Users/[USER NAME]/Library/LaunchAgents/com.apple.PubSabAgent.plist

2. It creates the following file:
/Users/[USER NAME]/Library/Preferences/com.apple.PubSabAgent.pfile

3. It connects to the following location and opens a back door on the victim's computer:
[http://]rtx556.onedumb.com

4. It may allow a remote attacker to perform the following actions on the victim's computer:
   - Download other malicious files to the victim's computer
   - Take screenshots of your computer screen
   - Upload information it has gathered to a remote computer
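
The files and host name listed above can be checked for directly on a Mac. The script below is an added example, not code from Symantec or from this article; the function names and the one-request-per-line log format are assumptions.

```shell
#!/bin/sh
# Added example, not Symantec's or the article's code.
# Indicators are the two file paths and the host name listed in the article.
SABPAB_FILES="Library/LaunchAgents/com.apple.PubSabAgent.plist
Library/Preferences/com.apple.PubSabAgent.pfile"
SABPAB_HOST="rtx556.onedumb.com"

# Print each listed file that exists under any home directory in $1
# (default /Users). Returns 0 if none exist, 1 if at least one does.
sabpab_scan_homes() {
    root="${1:-/Users}"
    hits=0
    for home in "$root"/*; do
        [ -d "$home" ] || continue
        for rel in $SABPAB_FILES; do   # paths contain no spaces, so splitting is safe
            # -L also catches a dangling symlink left at the path
            if [ -e "$home/$rel" ] || [ -L "$home/$rel" ]; then
                printf 'FOUND %s\n' "$home/$rel"
                hits=$((hits + 1))
            fi
        done
    done
    [ "$hits" -eq 0 ]
}

# Count lines in a DNS or proxy log ($1) that name the back-door host.
# -F matches the name literally (dots are not wildcards), -i ignores case.
sabpab_count_log_hits() {
    [ -r "$1" ] || { echo 0; return 0; }
    grep -icF -- "$SABPAB_HOST" "$1" || true
}

# Check the live system only when asked: sh sabpab_check.sh --scan [logfile]
if [ "${1:-}" = "--scan" ]; then
    if sabpab_scan_homes /Users; then
        echo "No Sabpab files found under /Users"
    fi
    if [ -n "${2:-}" ]; then
        echo "Log lines naming $SABPAB_HOST: $(sabpab_count_log_hits "$2")"
    fi
fi
```

Run it with sudo so that other users' Library folders are readable. A clean result only means these two files are absent, so anti-virus scanning and the patch are still needed.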

Mac users should ensure that anti-virus software is installed and updated daily.

For a patch update, please go to:

http://support.apple.com/kb/DL1516
