New Mac Virus Discovered, Making the Rounds

sl4shd0rk writes "A new Mac OS X exploit was discovered Friday morning by Kaspersky Labs which propogates through a zipfile attachment. The attachment tricks the Mac user into installing a variant of the MaControl backdoor via point-and-grunt. Embedded in the virus is an encrypted IP address belonging to a server in China which is believed to be a C+C server. Once installed, the virus opens a backdoor allowing the attacker on the C+C server to run commands on the compromised machine. Shortly after Kaspersky's announcement, AlienVault Labs claims to have found a similar version of the Mac malware which infects Windows machines. The Windows version appears to be a variant of the Gh0st RAT malware used last month in targeted attacks against Central Tibetan Administration. Both viruses are suspected of being tools in a campaign to attack Uyghur Activists."

Re:What is wrong with you people?

[muon-catalyzed]

> Virii aren't installed by the users themselves...

The problem here is that OSX inherently lacks software that raises flags when 'the incident' happens, or at least it seams to be that way.. Does the victim has any built-in protection to deal with such a malware infection? Does the OS X possess mechanisms to monitor or block outgoing traffic? Does this system even has a proper driver structure to allow insertion of your monitoring pass-through driver into the TCP or disk driver stack?

Re:What is wrong with you people?

[tbird81]

I bought my Mac because it had a glossy screen, you insensitive clod.

* No, I don't own a Mac.