Corrine Posted April 14, 2012 Share Posted April 14, 2012 Sophos reports that, like Flashback,Sabpab doesn't require any user interaction. It exploits the same drive-by Java vulnerability used to create the Flashback botnet. The newly discovered Sabpab malware is in many ways a basic backdoor Trojan horse. It connects to a control server using HTTP, receiving commands from remote hackers as to what it should do. The criminals behind the attack can grab screenshots from infected Macs, upload and download files, and execute commands remotely. BTW, Sophos offers free antivirus software for Mac home users: Sophos Free AntiVirus for Mac Quote Link to comment Share on other sites More sharing options...
Guest LilBambi Posted April 16, 2012 Share Posted April 16, 2012 New version of Mac OS X Trojan exploits Word, not Java - ZDNet By Emil Protalinski Summary: A second variant of the Mac OS X Trojan referred to as Backdoor.OSX.SabPub.a or SX/Sabpab-A is exploiting a Microsoft Word security hole, not the usual Java vulnerabilities used before. Just a few days ago, a new Mac OS X Trojan was spotted in the wild that exploited Java vulnerabilities and required no user interaction to infect your Apple Mac, just like the Flashback Trojan. Kaspersky referred to it as “Backdoor.OSX.SabPub.a” while Sophos called it at “SX/Sabpab-A.” Now, both security firms have confirmed a different variant of this new Trojan that infects Macs by exploiting Microsoft Word, not Java. Sophos detects the malicious Word documents as Troj/DocOSXDr-A and points to the following Microsoft Security Bulletin: MS09-027. Kaspersky meanwhile points to this security bulletin for the same Microsoft Word security hole: CVE-2009-0563. RED emphasis mine. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.