SecureMac identifies first ARDAgent-based trojan
SecureMac has identified AppleScript.THT, a trojan-horse type
virus of malware that exploits a Apple Remote Desktop Agent vulnerability publicized earlier this week that can "allow a malicious user complete access to the system."
The malware is distributed as a compiled AppleScript, named ASthtv05, or an application bundle named AStht_v06. The files are 60K and 3.1MB in size, respectively.
Users must download and run the scripts in order for their computer to become infected. The trojan will install itself in the /Library/Caches folder, and will set itself to run at startup.
To protect yourself, use extreme caution when running AppleScript files or applications sent to you in an email, or downloaded from the internet.
While we can't say for sure that these are the same people that developed this malware, you can read about the evolution of a very similar exploit script here, including a June 14th mention of the ARDAgent vulnerability. Very depressing.
SecureMac has identified AppleScript.THT, a trojan-horse type virus of malware that exploits a Apple Remote Desktop Agent vulnerability...
Deals of the Daymore deals
Software Updatesmore updates
- Poser 10 and Poser Pro 2014 available, bringing new characters, physics and more
- Agile Partners releases Lick of the Day 2.0
- Google announces new Hangout app to hit iOS today
- Microsoft Office for Mac 2011 Update 14.3.4
- Pixelmator 2.2 available with over 100 new features and improvements
- DabKick for iPhone lets you share photos, watch videos and now listen to music in real-time