Important Mac Security Advisory

A nasty little script has appeared on someone’s machine. I suggest reading the entire page about it, though some sections are a little more technical than others.

This script does not exploit a known security hole in OS X. Rather, it does things that are all possible as an administrator and should be taken more as a warning about being careful about what you download and install. Not downloading software from services like LimeWire would be a good start. This is essentially a Trojan horse attack (like the Microsoft Office Installer Trojan). However, it’s more insidious in that its effects are not immediately visible, opting instead to facilitate things like allowing remote control and indentity theft.

I suspect that most likely, the original victim was downloading warez and just didn’t want to own up to getting caught with his hand in the cookie jar. Until the source is discovered, heed a warning that has always been true: be careful with what you install.

Leave a Comment

Register or Log in.

XHTML: You can use these tags: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>

It sounds like SK2 has recently been updated on this blog. But not fully configured. You MUST visit Spam Karma's admin page at least once before letting it filter your comments (chaos may ensue otherwise).

Note: Registration is appreciated, but not required.

If you are having trouble with my spam blocker, contact me.