Fresh Mac Trojan Deactivates OS X Security Solutions

Authors of malicious software have designed a Trojan especially for Mac, which attacks anti-malware solutions included in the Mac OS X operating system of Apple, outline security researchers from F-Secure the security company.

The researchers also state that the Trojan called "Flashback.C" has the potential to deactivate the auto-update feature, which's inside XProtect anti-malware software built into Apple, via the rewriting of the computer machine's binary which ensures the deployment of the XProtectUpdater update. However, this feature seemingly is still to be activated.

Meanwhile, upon loading and executing the Trojan, a malicious payload that external servers deliver makes it impossible for the host computer to acquire up-to-date anti-malware definitions, while the system could then become contaminated with more malware the end-user loads overlooking the alerts, which the XProtect functionality of Mac OS X is created for producing to end-users, when they make efforts for loading malware, which resembles familiar threats. These threats, Apple maintains in a definition catalog for daily referencing by XProtectUpdater.

Malware programs that deactivate computer-defenses represent a usual tool of cyber-criminals. Initially, these target built-in software that detects malware on environments of computing of any kind, F-Secure notes

Chief Research Officer Mikko Hypponen at F-Secure stated that researchers didn't have any idea of the number of end-users who'd been contaminated with Flashback, found on October 17, 2011; however, it was believed that they were very few in number. SCMagazineUS.com reported this on October 19, 2011.

Remarking about 'Flashback.C,' Graham Cluley Senior Technology Consultant at Sophos the security company stated that plentiful users of OS X weren't safeguarding themselves against Mac-based malware whose threat was ever growing, even though Trojans increased remarkably between October 2010 and September 2011. Tgdaily.com reported this on October 19, 2011.

Cluley articulated that given the creation of the new Mac malware for hindering XProtect to become up-to-date with fresh threat definitions, it became evident that online-crooks were eager for contaminating Apple PCs due to the possibility of monetary gains.

Clearly, according to Cluley, Flashback.C's creators weren't keeping ensconced with their success. For Mac users, they too mustn't be negligent regarding the actual danger, which existed as well, he cautioned.

Related article: Fark.com Files Suit against Suspected Hacker from Fox13

» SPAMfighter News - 10/28/2011