Downloads: Free Remote Support: Click here  Remote Monitoring: Click here

News

<a href="/news/new-mac-malware-uses-back-to-front-trickery" title="New Mac Malware Uses Back-To-Front Trickery">New Mac Malware Uses Back-To-Front Trickery</a>
Posted on: 19 Jul 2013 

Posted By: Site Admin

New Mac Malware Uses Back-To-Front Trickery

 
 

Malware is an issue that we cover a lot on this site; however, most of the strains we feature are related to the Windows operating system. As the most widely used OS in the world, Windows is generally seen as an easy target for hackers and, in comparison, Apple’s Mac operating system is seen as a safe and secure option, affected little by the viruses that run wild on its competitor. Mac’s are not completely safe from viruses though, and a new strain of malware is proving to be one of the sneakiest yet.

Originally discovered by Finnish firm F-Secure, Backdoor:Python/Janicab.A as it is being called, is written in Python, and uses a spoofing technique to disguise the malware installations as standard files. By taking advantage of the right-to-left (RTL) U202E Unicode, the malicious software is able to make an application appear to be a standard document file by applying a right-to-left override for part of the malware’s file name.

To use the example provided by The Register, ‘a file which appears to be called RecentNews.ppa.pdf is actually RecentNews.fdp.app’, tricking users into opening an .APP file that they believe to be a regular .PDF. Moreover, the sneakiness doesn’t end there – the malware also has to be signed with an Apple ID, further adding to its apparent authenticity.

Once installed on a system, the malware is designed to record audio and capture screenshots using the SoX command line utility. The Register reports that the stolen information is then uploaded to a command-and-control server whose location is defined by what appear to be standard YouTube pages.

Apple Macs Need Protecting Too

Right-to-left trickery has been seen previously on Windows PCs, but is thought to be new to Mac. As Apple’s PCs are being more widely adopted by businesses because of their advanced designed and development benefits, and due to their apparent lack of viruses, adware, and malware, it is important that measures are put in place to protect systems. By discovering Backdoor:Python/Janicab.A, F-Secure has served a timely reminder that Malware is a real danger and is becoming ever stealthier in nature.

If your business relies on Mac PCs, it is essential that your systems have Cloud Web Security. ITWiser’s advanced security software is compatible with both Mac and Windows operating systems and will ensure that malware, spyware and other malicious content is blocked at cloud level before it reaches your network.

MACs have been hailed over the years for their lack of viruses; let Cloud Web Security help keep it that way.


 
The Register