Filtered By: Scitech
SciTech

Mac trojan disables OSX's anti-malware features


Malware writers targeting Apple computers running the Mac OS X have come up with a new Trojan to disable its built-in anti-malware program, a computer security firm disclosed Thursday (Manila time). F-Secure said the Trojan-Downloader:OSX/Flashback.C disables the automatic updater component of XProtect, OS X's native anti-malware application. "Attempting to disable system defenses is a very common tactic for malware — and built-in defenses are naturally going to be the first target on any computing platform," it said in a blog post. It said Flashback.C, once installed, will decrypt the paths of XProtectUpdater files that are hardcoded in its body. Flashback.C then decrypts the path of the XProtectUpdater binary before the malware unloads the XProtectUpdater daemon. The malware then overwrites the XProtectUpdater files with a " " character, the plist file of XProtectUpdater, and the XProtectUpdater binary. "The action described above wipes out certain files, thus, preventing XProtect from automatically receiving future updates," F-Secure said. — TJD, GMA News

LOADING CONTENT