'Dockster' A New Mac Malware Targeting Apple Users Found on Dalai Lama Related Website
Researcher at F-Secure blog has identified that A new piece of malicious software targeted at Apple users has been found on a website dedicated to the Dalai Lama. According to blog post by F-Secure -the website related to Dalai Lama is fully compromised and is pushing new Mac malware, called Dockster, using a Java-based exploit. Dockster tries to infect computers by exploiting a vulnerability in Java, CVE-2012-0507. The vulnerability is the same one used by the Flashback malware, which first appeared around September 2011 and infected as many as 600,000 computers via a drive-by download. Flashback was used to fraudulently click on advertisements in order to generate illicit revenue in a type of scam known as click fraud. Apple patched the vulnerability in Java in early April and then undertook a series of steps to remove the frequently targeted application from Macs. Apple stopped bundling Java in the 10.7 version of its Lion operation system, which continued with the company's Mountain Lion release. In October, Apple removed older Java browser plug-ins in a software update.
But still the matter of relief is that current versions of OS X are not vulnerable; users who have disabled the Java browser plug-in are also not vulnerable. F-Secure researcher Sean Sullivan said Dockster is “a basic backdoor with file download and keylogger capabilities.” Meanwhile F-Secure’s Sullivan, also said that the Dalai Lama’s site is also serving a Windows-based exploit for CVE-2012-4681, the Agent.AXMO Trojan. The Trojan exploits a Java vulnerability that allows remote code execution using a malicious applet that is capable of bypassing the Java SecurityManager.
Please Note That: The gyalwarinpoche.com site doesn't seem to be as "official" as dalailama.com
While talking about Mac malware, then you must remember that earlier also Mac users faced such attacks when mac Trojan OSX.SabPub was spreading through Java exploits In 2011 we have also seen OSX/Revir-B trojan was installed behind a PDF, and giving hackers remote access to MAC computers, not only Revier-B also Linux Tsunami trojan Called "Kaiten"targeted Mac OS users in 2011. Also another malware named "Devil Robber" which was also make MAC users victim while stealing their personal information. In the very decent past we have seen a trojan named 'BackDoor.Wirenet.1' apparently providing its masters with a backdoor into infected systems. It is also capable of stealing passwords stored in browsers like Chrome, Chromium,Firefox and Opera. For any kind of cyber updates and infose news, stay tuned with VOGH.
LINK TO OUR HOME PAGE :
Voice Of GREYHAT is a non-profit Organization propagating news specifically related with Cyber security threats, Hacking threads and issues from all over the spectrum. The news provided by us on this site is gathered from various Re-Sources. if any person have some FAQ's in their mind they can Contact Us. Also you can read our Privacy Policy for more info.
Thank You !
-Team VOGH
If you enjoyed VOGH News, Articles Then Do Make sure you to Subscribe Our RSS feed. Stay Tuned with VOGH and get Updated about Cyber Security News, Hacking Threads and Lots More. All our Articles and Updates will directly be sent to Your Inbox. Thank You!
-Team VOGH
Categories:
cyber attack
,
Dockster
,
Java
,
mac
,
mac-os
,
Malware
,
OSX
,
vulnerablity