How the Mighty Have Fallen: Two New Security Threats for the Mac

Somewhere in PC hell there is loud, presumably obnoxious laughter; and it is directed at the Mac OS X operating system. The Mac OS X has always boasted an outstanding record against spyware, adware, viruses and the other detritus that afflict its rival PC. However, it has recently fallen victim to not one, but two different strands of the ubiquitous trojan horse virus. One strand named Trojan-PSW:OSX/PokerStealer appeared as a Mac OS X titled “Poker Game.” When run, this virus triggers Secure Shell on the operating Mac, sending user names, passwords and IP addresses to a remote server. A dialogue box appears saying “a corrupt preference file has been detected and must be repaired,” prompting a password input which enables the virus to complete its task. From here on, the Mac is subject to the whims of its new user.

The second strand of a Mac trojan horse virus was created by a group of gray-hat hackers on the Macshadows.com site forum. It was purportedly crafted to test the vulnerability of the ARDAgent. The ARDAgent’s flaw lies in the root privileges of Applescript. If the victim is fooled into installing Hovdy, no passwords are needed, providing easy, backdoor access to the intruder. While this strand is yet to make it outside the forum, it is likely only a matter of time.

Several antivirus programs and internet security suites intended for Mac are already in existence, with others in the works. Whether or not these viruses ever make a real impact, one thing is for sure: The disease-free days of the Mac are over.