Novo cavalo de troia ameaça OS X

[aFriend]

Informação adicional:



"Como você pode ver pela imagem acima, ele não tem nenhum certificado de segurança, então é preciso estar muito ciente do que se está fazendo (ou viajando na maionese) para permitir a execução desse treco."

http://macmagazine.com.br/2010/10/27/vej...s-sociais/

Informação sobre o trojan:

"This malware, unlike what one company claims, is not a “critical” risk, for several reasons. The level of risk for any given malware depends on several criteria, and this risk as fluid. As time changes, the risk level can increase or decrease depending on how common the malware is, whether new variants appear, and other conditions."

"Concerning the files that are installed, there is a combination of Java files for the malware’s main operation, together with Mac, Windows and Linux files. Some files are archives containing Java classes or other Windows or Mac files. The following is a list of files downloaded:

cad.scp
cplibs.zip
cplib_x86_osx.tnw
cplib_x86_win.klf
jnana.pix
jnana.tsa
NirCmd.chm
nircmd.exe
nircmd.zip
nircmdc.exe
ofex.avi
ofex.exe
ofex.zip
OSXDriverUpdates.tar
pax_wintl
pax_wintl.zip
pex.bsl
rawpct
rawpct.zip
RingOnRequest.lock
rvwop
rvwop.zip
VFxdSys.exe
VfxdSys.zip
VfxdSysAdm.exe
WinStart.exe
WinStart.zip

One of the Java classes found in the above archives is called FaceBookWorm.class.

Intego has no doubt that there will be variants of this malware in the future, but for now, the threat is minimal. Intego’s Virus Monitoring Center is remaining vigilant in order to detect any new variants that may cause serious threats to Mac users."


http://blog.intego.com/2010/10/29/more-i...e-for-mac/