The “Flashback” trojan virus affecting at least 600,000 Macs was discovered last week that is capable of intercepting passwords and other private data. The discovery prompted Apple to release a Java update for OS X users that removed a number of common variants of the virus. Securelist on Saturday found another Mac trojan that is also spread through Java exploits, however. The malware, called Backdoor.OSX.SabPub, can take screenshots of a user’s current session, execute commands on an infected machine and connect to a remote website to transmit the data. It is not clear how users get infected with the trojan, but because of the low number of instances and the trojan’s backdoor functionality, Securelist speculates that it is most likely used in targeted attacks, possibly launched through emails containing a URL pointing to two one of websites hosting the exploit.


View Comments