Grand Rapids, MI
New OS X trojan backdoor MaControl variant reported
Kaspersky has reported that a new previously undetected variant of the MaControl backddor is being used in the wild. The malware arrived as an email attachment, and if installed connect to a C&C server. More information on the malware, its behaviour, and the attack campaign is available from Kaspersky, who discovered this variant. As more malware authors become motivated to attack OS X it is likely that we will continue to see targeted attacks such as this in the future.
Gladiator Security Forum
Meh, not as interesting as Flashback (which was a drive-by Java exploit). This one needs to trick a user into installing some suspicious e-mail attachment and then enter his/her password, etc. No OS or platform is immune from people damaging their own systems. I can open a terminal on my Linux box and type:
sudo rm -rf /
and destroy my entire system right now (works on a Mac or any other Unix too). No one's fault but my own.
I still don't think AV software is necessary on OSX. People who keep their systems up to date and don't fall for tricks are pretty safe. Of course, part of that relies on Apple pushing updates quickly (as they failed to do in the case of Java). Hopefully Apple has learned their lesson there.
Getting people to stop using windows is more or less the same as trying to get people to stop smoking tobacco products. They dont want to change; they are happy with slowly dying inside. -- munky99999