i2 Security Blog

Keeping you upto date on the world of IT Security

i2 Security Blog - Keeping you upto date on the world of IT Security

MAC Attack using Tsunami Trojan

A new attack against Apple MAC’s has been discovered and is being termed the “Tsunami Trojan”.

 

The newly discovered Tsunami Trojan is derived from an earlier Linux-infecting backdoor Trojan, called Kaiten, which connected back from infected machines to an IRC channel for further instructions. It appears Security firms are still in the process of analysing Tsunami but early speculation suggests it may be a DDoS attack tool.

 

“Mac users are reminded that even though there is far less malware in existence for Mac OS X than for Windows, that doesn’t mean the problem is non-existent,” says Graham Cluley security firm Sophos.

“We fully expect to see cybercriminals continuing to target poorly protected Mac computers in the future. If the bad guys think they can make money out of infecting and compromising Macs, they will keep trying. My advice to Mac users is simple: don’t be a soft target, protect yourself.”

 

I would fully agree with what Graham Cluley says, many people think there are no Trojans or Virus’ for MAC’s but they are mistaken, and this article proves it once again.  No matter what operating system you are running, be it Windows, Linux or Mac OSX you should still look to secure it and keep patches up to date and run security software.

 

Don’t be one of the poorly protected computers spoken of above!

 

If you are a Mac user concerned by security Sophos currently offer a free antivirus solution available from their site for download.

Sick Facebook scammers try to exploit the death of a genius

As always in the world we live in it hasn’t taken long for the scammers to try to exploit a sad world event, the passing away of Steve Jobs.

The scammers are telling people that an unnamed company are giving away 50 iPad’s in memory of the Apple genius.  Victims are asked to follow a link and complete a survey to qualify for the prize.

The offer is obviously a fake one and so far over 15000 users have followed the link, according to reports from the security company Sophos.
The scammers are aiming to make money from affiliate links, basically they make more money the more people they drive to certain websites such as gambling, contests and survey sites.  Obviously they could just as easily point you to sites hosting malicious content, but in this particular scam all pages that you redirect to are the types mentioned above.

I think we can expect a few more of this type of scam over the coming days, as always these scams seem to surface after an event like this.
Just be careful of the links you click on, never give away your personal details, logins, bank details etc and try to keep all your anti virus and other software up to date.

Apple OSX Lion Password Security

Recently the long awaited update to Apple’s OSX was released in the form of ‘LION’. However Apple seem to have gone back in time with their implementation of password security on Lion.

Directory Services in OSX used to require authentication when requesting a password change, but this is no longer the case in Lion.

In order to change the password of the currently logged in user all you need to type is:

$ dscl localhost -passwd /Search/Users/Jon
(where Jon is the current user)

Now although this requires a machine to be left unlocked, how many times do you you see a Mac left unlocked on someones desk???