
Apple OS X plagued by another Trojan Virus

Apple have been hit yet again by a virus, perhaps engineered by Samsung to get back at Apple for all its patent trolling? This Trojan Horse virus attacks Apple’s Mac platform by bypassing user permissions. The virus is called “Crisis” and has been specifically engineered to make its own detection and analysis incredibly difficult for security experts and security programs.

The security firm Intego have stressed that Mac OS X users need to be very aware of this particular Trojan Horse, as it can download and install itself without any user interaction or indicators. Crisis has been tracked back to the IP address 176.58.100.37 (a UK IP address hosted by Linode.com), which it calls back to every five minutes for instructions.

For those who stick to the latest version of OS X, you may not have had a lucky escape, since the “Crisis” virus affects the OS X 10.6 and OS X 10.7 operating systems. Crisis can install and run itself without the user needing to enter their password. It is also resistant to reboots, and will run until it is detected and removed.

If Crisis is installed onto a Mac OS X user account, it will install additional programs in order to hide itself. Crisis will install the following file:

/Library/ScriptingAdditions/appleHID/Contents/Resources/appleOsax.r

When Crisis has root access, it installs two additional files:

/System/Library/Frameworks/Foundation.framework/XPCServices/com.apple.mdworker_server.xpc/Contents/MacOS/com.apple.mdworker_server

and

/System/Library/Frameworks/Foundation.framework/XPCServices/com.apple.mdworker_server.xpc/Contents/Resources/
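
An added example, not taken from the original article or from Intego: a shell function that checks a filesystem root for the three paths listed above and reports whether what it finds matches the user-account install or the root-access install described here. The function name, the verdict strings and the optional root argument (for pointing it at a mounted disk image instead of the live system) are assumptions of this example.

```shell
#!/bin/sh
# Added example: look for the Crisis paths listed in the article.
# Usage: sh crisis_check.sh scan [ROOT]
#   ROOT defaults to /; pass the mount point of a disk image for offline triage.

# Path the article lists for an install on a user account.
CRISIS_USER_FILE="/Library/ScriptingAdditions/appleHID/Contents/Resources/appleOsax.r"

# Paths the article lists for an install with root access.
# The second one is a directory and is used exactly as the article gives it.
CRISIS_ROOT_BIN="/System/Library/Frameworks/Foundation.framework/XPCServices/com.apple.mdworker_server.xpc/Contents/MacOS/com.apple.mdworker_server"
CRISIS_ROOT_DIR="/System/Library/Frameworks/Foundation.framework/XPCServices/com.apple.mdworker_server.xpc/Contents/Resources/"

# Prints each indicator found to stderr and one verdict word to stdout:
#   clean       none of the listed paths exist
#   user-level  only the user-account file exists
#   root-level  at least one of the root-access paths exists
crisis_scan() {
    root="${1:-/}"
    root="${root%/}"   # "/" becomes "", so root + path stays well-formed
    verdict="clean"

    if [ -e "${root}${CRISIS_USER_FILE}" ]; then
        echo "FOUND ${root}${CRISIS_USER_FILE}" >&2
        verdict="user-level"
    fi

    for p in "$CRISIS_ROOT_BIN" "$CRISIS_ROOT_DIR"; do
        if [ -e "${root}${p}" ]; then
            echo "FOUND ${root}${p}" >&2
            verdict="root-level"
        fi
    done

    echo "$verdict"
}

# Only scan when asked to, so the file can also be sourced for its function.
if [ "${1:-}" = "scan" ]; then
    crisis_scan "${2:-/}"
fi
```

A "clean" verdict only means these three paths are absent; it says nothing about other variants or other malware.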

*insert Apple Mac’s can run Crisis pun here*


Ryan Martin
