OSX/Tored.A Proof of Concept Malware
Printer-friendly version
PDF versionINTEGO SECURITY MEMO - April 29, 2009
Exploit: OSX/Tored.A Proof of Concept Malware
Discovered: April 22, 2009
Risk: Very low
Description: Intego has discovered a new proof-of-concept malware it is calling OSX/Tored.A. This malware is an application created with RealBasic, a version of the BASIC programming language available for Mac OS X, Windows and Linux. The malware in question is a self-contained application, which contains RealBasic code and a runtime needed for that code to execute. The malware attempts to copy itself to the System folder and the System/Library/StartupItems folder, renaming itself “applesystem” or “systemupdate”. It obtains e-mail addresses from Address Book, and sends e-mails to recent recipients containing a copy of the malware, but does so with an SMTP server that is currently non-existent. This malware also attempts to create a botnet, and records some keystrokes, and attempts to copy itself to other disks that are mounted.
While this malware is currently not in the wild, Intego finds the use of RealBasic, and its runtime, to be a novel approach to malware. Because of this, Intego has created a new malware class for VirusBarrier X5. However, the code in this malware is faulty, and it does not work correctly, so there is no real threat from this malware.
Means of protection: The best way to protect against this exploit is to run Intego VirusBarrier X5; the program’s virus definitions dated April 28, 2009 or later detect this malware. Intego VirusBarrier X5 eradicates the malicious code and prevents the malware from acting. Intego recommends that users never download and install software from untrusted sources or questionable web sites, and that people use care when opening unexpected attachments to e-mail messages, even from friends and colleagues.
About Intego
Intego develops and sells desktop and server security and privacy software for Macintosh.
Intego provides the widest range of software to protect users and their Macs from the dangers of the Internet. Intego's multilingual software repeatedly receives awards from Mac magazines, and protects more than one million users in over 60 countries. Intego has headquarters in the USA, France and Japan.
We protect your world.
News Source : OSX/Tored.A Proof of Concept Malware
Copy this html code to your website/blog and link to this press release.
More User Press Releases
- INTEGO UPDATES VIRUSBARRIER X6 WITH 11 NEW FEATURES
- INTEGO RELEASES REMOTE MANAGEMENT CONSOLE 2
- GET 10 TIME-SAVING MAC UTILITIES FOR ONLY $49.99
- INTEGO UPDATES PERSONAL ANTISPAM TO SUPPORT OUTLOOK 2011
- INTEGO SUMMER PROMO OFFERS MULTI-SEAT LICENSES AT HALF PRICE
- APPLE RECOGNIZES VIRUS AND MALWARE THREAT TO MAC OS X
- INTEGO CONCLUDES DISTRIBUTION AGREEMENT FOR PORTUGAL AND SOMEPORTUGESE-SPEAKING COUNTRIES WITH INTERLOG INFORMATICA
- Java/Evasion.A Java Vulnerability
- INTEGO SIGNS DISTRIBUTION AGREEMENT WITH INGRAM MICRO
- The Conficker Worm and Mac OS X
Facebook
Twitter
del.icio.us
LinkedIn
Digg
StumbleUpon
Forward
Google
Favorite
Favorite on Technorati