Posts Tagged ‘trojan’

First Trojan Based on ARDAgent Root Exploit

Monday, June 23rd, 2008

Secure Mac are reporting that they have found a trojan designed to take advantage of the ARDAgent root exploit that I posted about previously.

The Trojan dubbed “AppleScript.THT” allows the remote attacker full access to the system, steals usernames and passwords, hides by turning off system logging, opening firewall ports and can also be used to install key logging software, take pictures using the inbuilt iSight and to enable file sharing.

The Trojan come as either a compiled AppleScript titled ASthtv05 or as a disc image called ASthtv_06. In both cases, the files have to be downloaded and executed by the user. At the moment, the Trojan does not take advantage of any other Mac vulnerabilities to automatically infect new machines – but that’s probably only a matter of time.

Secure Mac are advising Mac users to use MacScan to protect themselves against the threat. Or you could just stop the ARDAgent service from running scripts as root.

Tags: , , , , ,
Posted in Apple, Mac OS X, Security, Software, Technology | Comments Off

Monster.com Comes Under Attack

Tuesday, August 21st, 2007

The BBC are reporting that the Monster.com recruitment site has been attacked, and that up to 1.6 million people could have had their personal details stolen.

The attackers apparently gained access to the employers section of the website through a stolen ID, and then proceeded to upload the data to a remote server.

Symantec were the first to report the theft after they noticed phising emails being sent to Monster.com users containing personal details. The emails direct the user to a website that contains a trojan that encrypts the data on a users hard-drive and demands a ransom to decrypt it.

Tags: , , , , , ,
Posted in Security, Technology | Comments Off