i2 Security Blog

Keeping you upto date on the world of IT Security

i2 Security Blog - Keeping you upto date on the world of IT Security

MAC Attack using Tsunami Trojan

A new attack against Apple MAC’s has been discovered and is being termed the “Tsunami Trojan”.

 

The newly discovered Tsunami Trojan is derived from an earlier Linux-infecting backdoor Trojan, called Kaiten, which connected back from infected machines to an IRC channel for further instructions. It appears Security firms are still in the process of analysing Tsunami but early speculation suggests it may be a DDoS attack tool.

 

“Mac users are reminded that even though there is far less malware in existence for Mac OS X than for Windows, that doesn’t mean the problem is non-existent,” says Graham Cluley security firm Sophos.

“We fully expect to see cybercriminals continuing to target poorly protected Mac computers in the future. If the bad guys think they can make money out of infecting and compromising Macs, they will keep trying. My advice to Mac users is simple: don’t be a soft target, protect yourself.”

 

I would fully agree with what Graham Cluley says, many people think there are no Trojans or Virus’ for MAC’s but they are mistaken, and this article proves it once again.  No matter what operating system you are running, be it Windows, Linux or Mac OSX you should still look to secure it and keep patches up to date and run security software.

 

Don’t be one of the poorly protected computers spoken of above!

 

If you are a Mac user concerned by security Sophos currently offer a free antivirus solution available from their site for download.

MAC Webcams Hijacked via a bug in Flash

It has emerged that a bug in Adobe’s Flash player can allow webcam’s and microphone’s on Apple Mac’s to be hijacked by website owners allowing them to eavesdrop without permission.

All that’s required is to visit a malicious website and to click on a few buttons on that page.  Without warning, the visitor’s camera and microphone will be activated and the video and audio intercepted.  On Wednesday Adobe said they were planning on fixing the vulnerability, which is caused by flaws in the Flash Player Settings Manager.  The panel, which is used to designate which sites may access feeds from a user’s camera and mic, is delivered in the SWF format used by Flash.  A computer science student at Stanford University, Feross Aboukhadijeh, discovered he could embed the SWF file as an invisible iframe and superimpose misleading graphics on top that tricked visitors into making changes to the underlying privacy settings.

Settings Manager is actually hosted on Adobe’s servers and therefore a fix should be able to be implemented without having to release an update to users machines.  A spokesperson for Adobe has said an update should be in place by he end of he week.

The Stanford student said so far only Mac’s running Safari or Firefox were vulnerable, however he indicated that further research may lead to this attack becoming more universal.