Sneaky Mac OS X threats presented at Virus Bulletin 2010

by Methusela cebrian Ferrer (Ca - hcl),

Tags: Security

URL : http://www.virusbtn.com/conference/vb2010/abstracts/MFerrer.xml

Summary : "
The emergence of crimeware[1] in Macintosh displayed immense awareness in security. Apple stepped in and introduced
protection which detected notable malware families DNSChanger, aka 'RSPlug', Jahlav and Iservices, aka 'iWorks', in Mac
OS X 10.6 Snow Leopard. As observed with immediate effect, the organized group perpetrating the distribution stopped serving
the Mac malware. Some interesting questions have surfaced: is there a reorganization happening? and is this the solution to
deter cybercriminals?
The message is clear, Mac users became more cautious and security-aware this time. The greater level of security consciousness
has led to an increase in community discussions and participation. Users immediately report dubious websites and suspicious
behaviour possibly caused by unknown threats. However, a lack of detailed information may prevent discovery of the real
culprit.
This paper seeks to explore and discover the continuous interest of organized groups in Macintosh. We will track down the
attempts, strategies and latest offensive development pursued in Mac. The utilization of available detection utilities
will be discussed to highlight the importance of identifying possible new malware.
[1] http://www.virusbtn.com/conference/vb2009/abstracts/Ferrer.xml
"