Search: Home Bugtraq Vulnerabilities Mailing Lists Jobs Tools Beta Programs
    Digg this story   Add to del.icio.us  
IAdware Trojan aims for Macs
Published: 2006-11-24

Online fraudsters may be ready to put Mac users in their sights.

On Thursday, antivirus firm F-Secure published a brief analysis of a proof-of-concept adware program for the Mac OS X that could theoretically hook into any application to run attacker-specified code. The program, dubbed IAdware by F-Secure, could be silently installed in a user's account without requiring administrator rights.

"We won't disclose the exact technique used here--it's a feature not a bug--but let's just say that installing a System Library shouldn't be allowed without prompting the user," stated F-Secure in the blog post. "Especially as it only requires Copy permissions."

Vulnerability researchers have increasingly focused on finding flaws in the Mac OS. During the month of November, two serious flaws in Apple's operating system were disclosed as part of the Month of Kernel Bugs (MoKB) project. Researchers and attackers have also focused more on turning vulnerabilities into exploit code, according to a recent report published by Symantec, the owner of SecurityFocus.

The IAdware proof-of-concept code did nothing malicious, but merely opened up a browser each time an application was opened, F-Secure stated.



Posted by: Robert Lemos
    Digg this story   Add to del.icio.us  
 
Comments Mode:
IAdware Trojan aims for Macs 2006-11-25
Anonymous
A metereoite might also strike you ... 2006-11-26
Anonymous (1 replies)
IAdware Trojan aims for Macs 2006-11-27
Anonymous
IAdware Trojan aims for Macs 2006-11-27
Think Differently
Adware Trojan aims for Macs 2006-11-27
Anonymous
IAdware Trojan aims for Macs 2006-11-28
Juha-Matti Laurio







 

Privacy Statement
Copyright 2009, SecurityFocus