New Mac OS X Trojan horse identified

The OSX/Hovdy-A Trojan horse, which relies on the user giving it permission to install itself, is an attempt to steal passwords, open the firewall to give hackers access, and disable security settings.

The Hovdy-A Trojan horse takes advantage of a vulnerability in Apple’s Mac OS X operating system, affecting the Apple Remote Desktop Agent (ARDAgent), to gain root access. Once the user has given permission and installed the OSX/Hovdy-A Trojan horse, the hacker can gain complete control of the compromised Macintosh – covering its tracks by disabling system logging.

This Trojan horse relies on the user giving it permission to install. Using social engineering techniques, the Trojan horse could be disguised as a game, a video codec, etc.

When run, the Trojan horse will attempt to install itself to the /Library/Caches folder and perform the following tasks:

– disable system logging and delete system log files
– start PHPShell and web server
– start ARD, VNC and SSH services
– disable system updates
– open ports in the firewall
– disable third party security software
– steal various password hashes and keys which may be used to compromise other systems

OSX/Hovdy-A will also attempt to use the ARDAgent vulnerability to obtain root access.
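The list above is also a checklist for a defender. The following script is an added example, not code from the article or from Sophos: a read-only audit that looks for the host-level traces the article describes, namely an executable dropped under /Library/Caches, the ARDAgent binary still carrying the setuid bit, and a missing or emptied system log. That ARDAgent was installed setuid root in 2008 is background knowledge, not something the article states, and the path to the binary is assumed from Mac OS X 10.5 layouts. Because it takes the root of the filesystem to inspect as an argument, it can be pointed at a mounted disk image or backup as well as the running system.

```shell
#!/bin/sh
# Added example (not from the MacDailyNews article or Sophos): a read-only audit
# for traces of an OSX/Hovdy-style infection. It reports findings and changes
# nothing on disk.
#
# Usage: sh hovdy_audit.sh /             (audit the running system)
#        sh hovdy_audit.sh /Volumes/X    (audit a mounted image or backup)
# Exit status = number of findings (0 = nothing suspicious seen).

hovdy_audit() {
  root="${1:-/}"
  root="${root%/}"          # "/" becomes "", so "$root/Library" stays "/Library"
  findings=0

  # 1. The article names /Library/Caches as the install location. Cache folders
  #    hold data, not programs, so an executable file there deserves a look
  #    (heuristic: a legitimate app may occasionally cache a helper binary).
  caches="$root/Library/Caches"
  if [ -d "$caches" ]; then
    n=$(find "$caches" -maxdepth 3 -type f -perm -100 2>/dev/null | wc -l)
    n=$((n))
    if [ "$n" -gt 0 ]; then
      echo "FINDING: $n executable file(s) under $caches:"
      find "$caches" -maxdepth 3 -type f -perm -100 2>/dev/null | sed 's/^/    /'
      findings=$((findings + 1))
    fi
  fi

  # 2. The 2008 ARDAgent weakness came from the agent binary being installed
  #    setuid root (background knowledge; the path is assumed, not from the
  #    article). A setuid bit still present means that route to root is open.
  ardagent="$root/System/Library/CoreServices/RemoteManagement/ARDAgent.app/Contents/MacOS/ARDAgent"
  if [ -u "$ardagent" ]; then
    echo "FINDING: ARDAgent is setuid: $ardagent"
    findings=$((findings + 1))
  fi

  # 3. The Trojan disables logging and deletes system log files. A missing or
  #    empty /var/log/system.log on a Mac that has been in use is a red flag.
  syslog="$root/var/log/system.log"
  if [ ! -s "$syslog" ]; then
    echo "FINDING: $syslog is missing or empty (logging disabled or logs deleted?)"
    findings=$((findings + 1))
  fi

  if [ "$findings" -eq 0 ]; then
    echo "OK: no Hovdy-style indicators found under '${root:-/}'"
  fi
  return "$findings"
}

# Run the audit when a root path is given on the command line.
if [ $# -gt 0 ]; then
  hovdy_audit "$1"
fi
```

Each check is a pointer, not proof: a hit means a human should look at the file, the binary's permissions, or the log directory, and a clean run says nothing about the services (ARD, VNC, SSH, firewall ports) the article says the Trojan turns on, which have to be reviewed through the Sharing and Firewall preference panes or launchd.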

More info via Sophos here.

MacDailyNews Note: As always, do not download, authorize, and install software from unknown, untrusted Websites or any other sources.

79 Comments

  1. A Macintosh, being a computer, is vulnerable to malware.

    Macintosh users are smart.

    Malware creators, if they were smart enough to do something useful, wouldn’t write malware. Ergo, malware creators are morons.

    A Macintosh user, being smart enough not to run Windows, can outsmart malware creators [morons].

    That’s why malware isn’t a problem for us Mac users. We’re smarter than the rest of you. No. I’m NOT being sarcastic.

    Everyone who disagrees with me is far too stupid for me to waste my precious time arguing with. Get a Mac or shut up.

  2. As it gets nastier out there remember:

    Safest to run an Admin side, and have your daily use on a created User side. Less damage if they do get in. Plus if you have to remember your Admin password it makes you think twice about what the heck you’re about to allow into your system.

    And remember that box under Safari > Preferences > General that says “Open safe files after downloading”? Well, uncheck it. You don’t want anything opening automatically. I recheck it when I need a new widget off a reliable site, then uncheck it again.
