Malicious Trojan Horse Plagues Apple Mac OS Users

Tuesday, June 24th 2008

Nowadays everyone will tell you that most virus, spyware, malware and other malicious definitions are written solely for Windows, but it appears that times have changed a bit. Security experts are warning now about a new Trojan horse released in the wild, targeting Apple operating systems or more specifically Mac OS X Tiger and Leopard (version 10.4 and 10.5). In addition to the usual stuff a trojan can do (run in background, open ports, steal your passwords, replicate etc.) this one can also log what you type in every moment, take screenshots of your active desktop and even take a picture of you using Mac's built-in iSight camera. Here's how it works: AppleScript.THT comes either as a 3.1MB application dubbed AStht_v06 or as a 60KB compiled AppleScript script called ASthtv05. Once started on a Mac OS system it adds itself to the System Login Items and thus runs with root privileges every time the OS is started. Once the system is infected AppleScript.THT also moves itself into the /Library/Caches/ folder. To protect your system against this threat, security experts advice to run SecureMac MacScan 2.5.2 anti-virus software with the latest Spyware Definitions update (2008011). More details on the malicious code and additional removal instructions are posted here.

Source: TG Daily

posted by malware - 9:28 PM | Related News |

User comments

by malware (9:33 PM) - Reply

Thanks CrAsHnBuRnXp.

by thoughtdisorder (9:50 PM) - Reply

by: malware
In addition to the usual stuff a trojan can do (run in background, open ports, steal your passwords, replicate etc.) this one can also log what you type in every moment, take screenshots of your active desktop and even take a picture of you using Mac's built-in iSight camera.

Now that is some scary stuff!:eek: Certainly knew this was coming though, and the trojans that will become more and more prevalent on our communication devices concern me as well...:twitch:

by imperialreign (9:53 PM) - Reply

I'm sorry . . . I'd have something more insightful to say, but . . . I'm suppressing a chuckle :p

by candle_86 (9:54 PM) - Reply

oh Mac got burned, i knew there stuff was easier to access, see Vista is more secure, things can't do this with a script to gain root system access :D MS 1 apple 0

by Ravenas (9:56 PM) - Reply

Lol I don't think a trojan can steal your password without a keylogger, so your pretty much repeating yourself. Furthermore, keyloggers aren't some new thing that has popped up on Apples...Every decent trojan will have a keylogger.

by timta2 (10:08 PM) - Reply

"Plagues Apple Mac OS Users"?! Seriously? I've never been plagued by ANYTHING on my Mac, now my PC I can tell you stories about. This "Trojan" requires a user's participation, which most of us are smart enough to avoid. This is NOT widespread by any means. Another interesting point is that I never hear of any Mac trojan/virus announcement that isn't accompanied by an AntiVirus software companies name or product. (Its a scam!).

by candle_86 (10:10 PM) - Reply

you just heard of one, and it wasn't a test on the system, your mac market is big enough now for the hackers to care, and they are tired of hearing how secure it is lol. This is the preemptive strike i'd guess

by timta2 (10:15 PM) - Reply

"The Trojan is distributed as either a compiled AppleScript, called ASthtv05 (60 KB in size), or as an application bundle called AStht_v06 (3.1 MB in size). The user must download and open the Trojan horse in order to become infected." (Interesting that Malware's summary didn't include this!) candle_86 the announcement is from a Mac security software company therefore your point is invalid. I STILL haven't heard of any Mac Trojan/Virus announcement that isn't accompanied by an Antivirus software companies name or product. Windows PC users are tired of hearing how secure it is and take every opportunity to bash Mac OS X's security every chance they get regardless of how valid it really is.

by Nitro-Max (10:21 PM) - Reply

yep sounds like a new virus software company wants in on the market. IDEA? lets make some viruses then sell a product that can get rid of them we'll be rich!!. Sorry but this is my theory on viruses.

by Ravenas (10:40 PM) - Reply

by: candle_86
you just heard of one, and it wasn't a test on the system, your mac market is big enough now for the hackers to care, and they are tired of hearing how secure it is lol. This is the preemptive strike i'd guess

Lol...That's a completely foolish statement. There are only a handful of people who hack someone just to piss them off (or prove that Macs can be hacked). I for one could care less what company says about their product, if I'm hacking someone it won't be because I want to f**k with them...It will be because I want valuable information. ;)

by Castiel (11:23 PM) - Reply

Now the no good Mac's can take it now.

by FatForester (11:24 PM) - Reply

Yea, the Mac market is becoming popular enough for it to start showing vulnerabilities, but just because one trojan that only two companies can 'fix' has hit the grid doesn't mean it's the end of the world. I can honestly say I'm chuckling a bit, but this isn't that realistic. Most of the threats we're more subjective to are OS independent and deal with being scammed in an email or trusting something stupid, not trojans gaining root access to our OS. I'm gonna have to agree with Ravenas, people that try to hack systems want valuable information, not your picture with a webcam (unless if they're just perverts).

by ShadowFold (12:15 AM) - Reply

lol @ apple users. I hope you like your overpriced "virus free" OS now :D

by p_o_s_pc (1:24 AM) - Reply

Its about time MAC users get theirs

by Kreij (2:27 AM) - Reply

I guess it not surprising to see such vitriol from the PC crowd, but in reallity, none of us need this kind of crap. Mac users included. Maybe we should sheath our swords and work together to elliminate this kind of BS and then get back to our normal, fun, OS trashing. Just a suggestion.

by aximbigfan (2:49 AM) - Reply

HAHAHAHAHAHA!!!!!! Where is your god now? :D Chris

by Wile E (3:49 AM) - Reply

by: ShadowFold
lol @ apple users. I hope you like your overpriced "virus free" OS now :D

My Mac OS only cost $130 retail, and comes with all the features that 10.5 has. I wouldn't call that overpriced. And it is still virus free. This is a Trojan. Meaning that you have to purposely download and run it. Completely different from a Virus. Although I have to say, it won't be long before OS X does have viruses I think. I think it's gained enough popularity that it may be become a regular target. Albeit still less frequently than Windows I would imagine.

by Mistral (4:39 AM) - Reply

Seems like the makers of this piece of work have been watching too many Apple ads. The trojan taking a picture of the user :roll: ...

by candle_86 (5:02 AM) - Reply

in 2 years mac users who switched from windows will come back in droves because there new mac book has more virus/trojans/problems than a windows Me computer still online today, that your 13 year old downloads porn on

by CyberDruid (5:05 AM) - Reply

by ShadowFold (5:05 AM) - Reply

More like "Where is Steve Jobs now?"

by candle_86 (5:07 AM) - Reply

by: ShadowFold
More like "Where is Steve Jobs now?"

cowering behind his desk because he just realized there biggest PR scam backfired

by CyberDruid (5:26 AM) - Reply

by jydie (1:55 PM) - Reply

Dang, those built in webcams can be turned against you. :twitch: It is creepy to think about pictures of you or anybody in your family being sent to some stranger.

by CyberDruid (2:13 PM) - Reply

Anything that can be controlled by software can be turned against you by a smart enough hack.

Post your own comment

Username:
Password:
Register Here!