New Trojan "LuckyCat" Found in Microsoft Office for Mac

Tuesday, April 17, 2012

Mac users may think they're safe just because Mac is the Operating System of the Future. They are wrong. As Mac OS becomes more and more popular, so do the virus attacked.


Thanks to Securelist's Costin Raiu, a Kaspersky Lab expert, what has been found is a Mac-specific trojan called Backdoor.OSX.SabPub.a, also known as LuckyCat. The trojan is said to exploit a hole found in the Microsoft Office for Mac suite. As with most trojan attacks of this nature, it infects via vulnerabilities found in a Java exploit. Once infected, LuckyCat uses a vulnerability named CVE-2009-0563 to spread itself. This vulnerability is one found in Microsoft Office Documents. 

The purpose of the trojan at this point is unknown but Securelist had this to say:

We are pretty confident the operation of the bot was done manually -- which means a real attacker, who manually checks the infected machines and extracts data from them.
Securelist confirms that the trojan is currently active though at this point it is unclear what the intent of the attacker is.


How can I prevent myself from attaining these sort of viruses?


Turn off Safari's auto-open command
In Safari, go to the General section of the preferences and uncheck the option to "Open safe files after downloading." Safari may not open applications, but when checked it will open documents and media that may contain malicious executable code. It is recommended that this option is disabled/turned off.


Install an Antimalware/Antivirus Solution
Many Antivirus companies that provide solutions for PC also provide solutions for Mac. These solutions include NortonMcAfee and even AVG. It is always recommended that you have an Antivirus/Antimalware solution running at all times, not only for your safety, but also for the safety of others.

Never trust a program
If something asks you to install an item on your system, shut it down and confirm the source of the item. Only install programs on your system if you know exactly where they came from and what they do.

0 Blogger:

Post a Comment

 
Computer Software is Your Friend © 2012 | Designed by Bubble Shooter, in collaboration with Reseller Hosting , Forum Jual Beli and Business Solutions