AfterDawn: Tech news

Macs hit with another widespread malware

Written by Andre Yoskowitz (Google+) @ 13 Apr 2012 19:15 User comments (12)

Macs hit with another widespread malware Security firm Sophos has announced today the discovery of another widespread malware attacking Mac computers.
Dubbed "Sabpab," the threat uses the same Java vulnerability that the Flashback botnet exploited last month in creating 650,000 Mac zombies.

Sophos says you can check to see if you have been infected by searching for the following files:

/Library/Preferences/com.apple.PubSabAgent.pfile

/Library/LaunchAgents/com.apple.PubSabAGent.plist


Sabpab has been described as a "basic backdoor Trojan horse" which allows control servers to execute commands remotely on infected Macs.

Apple has already patched the vulnerability and the new trojan is not as widespread as Flashback was, but still remains a threat if you have not updated.

Previous Next  

12 user comments

113.4.2012 22:13

Here's another HAHA in Apples face.

214.4.2012 13:10

Does anyone know the time difference between the north and south pole?


True thug Afterdawn memeber since 05! Shout out to all those old school member still in the ranks of Newbie! Represent!

314.4.2012 13:26

6 months.

414.4.2012 14:45

I would say 85% of Apple users don't even know how to check these files, let alone the process of getting rid of the thing.

Yes, yes, I realize a 'patch' has been released, but this will only serve as a new backdoor function for a more devious attack here in the next week or so.

Way to go Apple software engineers. Welcome to our PC nightmare.


515.4.2012 18:18

TIP: Don't go to questionable websites, which often end up being websites to get "free stuff". Maybe the cheapos looking for such stuff deserve an infection.

616.4.2012 11:45

But that's impossible Macs can't get viruses they're infallible, it must just be propaganda from Seattle !

716.4.2012 13:27

Hopefully this continues...Less malware for pc's

820.4.2012 10:11

Originally posted by xnonsuchx:
TIP: Don't go to questionable websites, which often end up being websites to get "free stuff". Maybe the cheapos looking for such stuff deserve an infection.
You are an ignoramus!

Yes, you are not completely wrong those sites are more likely to infect than facebook. Reality is the malware infections comes from adds before they get to the host site. The better sites have better policing of their adds but I assure you you can get infected from any site that has adds. If you mouseover an infected add in facebook it can grab all your personal info stored on facebook.

Yes, often free software has a secret bonus package for you.

920.4.2012 23:21

How do you get this crap? All of my Macs are working perfectly!!
Is it Norton trying to sell something?

1021.4.2012 9:14

Originally posted by salsa36:
How do you get this crap? All of my Macs are working perfectly!!
Is it Norton trying to sell something?
Norton has been accused of that in the past. No doubt about it, but the last time I heard about that kind of dissension was something like 1998. And it really wasn't necessarily for the real reasons people thought it was for.

I think it was the first steps in creating what we know as heuristic protection now, but it was a hard sell at the time & I'm certainly not selling it to the Apple folks now. They'll basically have to fend for themselves if they don't start taking this nonsense seriously.

Their "genius'" are only so smart & are only going to be able to keep up with so many 'patches' before the code boners spooges themselves into a lather that floats Apple away into the unknown.

Face it. You (Apple) have now become a target like the rest of us & worthy of negative attention. That's where virus' come from. Not Apple specific wunder-code. putz...
This message has been edited since its posting. Latest edit was made on 21 Apr 2012 @ 9:15

1123.4.2012 2:43

I have analogy for this.

IRA attempted to assassinate Maggie but fortunately for her she got tied up with some urgent matter of the state and was not at the location where IRA conducted the raid. They left a note behind for her. It read something like ....

"You have to be lucky every time, we have to be lucky only once"

I would say this holds true for the malware / virus also.

1223.4.2012 12:52

Originally posted by pmshah:
"You have to be lucky every time, we have to be lucky only once"
I like it...

Comments have been disabled for this article.

News archive