Mac OS X Ransomware KeRanger Is Linux Encoder Trojan

So there’s been a fair bit of noise this past week about the Mac OS X Ransomware, the first of its kind, called KeRanger. It also happens to be the first popular Mac malware of any form for some time. It’s also a lesson to all the Apple fanbois that their OS is not impervious […]

Zero Day Java Vulnerability Exploited – Macs Infected With Flashback Malware

Interesting timing this one, just a couple of days ago we reported – Avira Joins The Crowd & Starts To Offer Mac Antivirus Software – and now an unpatched vulnerability in Java for Mac OS that is being exploited in the wild. The vulnerability (CVE-2012-0507) was patched in Java by Oracle back in February, but [...]

Avira Joins The Crowd & Starts To Offer Mac Antivirus Software

For years the Apple geeks were always self-praising and postulating that their OS was so secure and superior that it didn’t need any silly Anti Virus software. Things changed a couple of years back though, probably in 2009 when Mac OS X Snow Leopard Bundled With Malware Detector. Not long after that the commercial crowd [...]

New Version of Mac Malware In The Wild

A new revision of an existing Mac malware has been spotted in the wild. This version has multiple attack vectors it will use in an effort to infect a user’s machine. Named Flashback.G, it is the first trojan that doesn’t require user intervention. Flashback.G first tries to take advantage of a pair of exploits in Java, one from 2008 and the other from November of 2011, both of which have been patched by Apple. If it is unsuccessful in exploiting either Java vulnerability, it will attempt to trick the user into running code it pretends is signed by Apple. Since the code is unsigned, a Mac will warn the user; however, many users simply ignore this warning. Once installed on a computer, the malware will install a key logger and look for any username/password combinations that it can upload to a central server.

Our best advice on this is to first make sure any Apple computers on your network are up to date (again, these vulnerabilities are from 2008 and 2011) and also ensure your users are aware of the risks involved with installing unsigned code. The following article provides a great screenshot at the bottom which shows how it attempts to trick users.