iPhone app iPad app Android phone app Android tablet app More

Sabpab Trojan: Mac Users Have Another Foe To Look Out For

The Huffington Post  |  By Posted: 04/16/2012 11:59 am Updated: 04/17/2012 4:31 pm

Inspiring
 Funny
 Obsolete
 Scary
 Must-Have
 Amazing
 Innovative
 Nerdy
Mac Sabpab Trojan

If you have yet to equip your Mac with Apple's latest Java update to protect it from the Flashback trojan said to infect over 600,000 devices, now might be a good time to do it. Apparently, there's another trojan making rounds on unprotected Macs.

Graham Cluley, a senior technology consultant at computer security firm Sophos explained in an April 13 blog post that this new backdoor trojan, dubbed "Sabpab," connects to a control server using HTTP and follows the orders of hackers who can enter a victim's computer, upload and download files, run commands and take screenshots.

This malware is similar to the Flashback trojan, writes Cluley, in that it doesn't require user interaction to infect a device and it takes advantage of the same vulnerabilities in Java software.

According to Costin Raiu, director of global research and analysis at IT security company Kaspersky Lab, the malware is being spread through Word documents that exploit these Java vulnerabilities. Raiu published his own findings on the trojan, which he calls Backdoor.OSX.SabPub.a.

Raui discovered that there are actually two variants of the trojan in existence -- the earliest version was supposedly created in February, while the more recent one was created in March. As Cult of Mac pointed out, Raiu believes the more recent version of the trojan may have been released as part of the Pro-Tibetan attacks on Mac OSX users that also took place in March and spawned malware like "Luckycat." Raui also notes that the IP address of the website from which hackers are controlling and commanding the trojan was also used in the "Luckycat" malware attacks.

To check if your Mac has been infected with this new trojan, Forbes suggests that users search for these files on their devices:

/Library/Preferences/com.apple.PubSabAgent.pfile

/Library/LaunchAgents/com.apple.PubSabAGent.plist

But whether you're sure your Mac has been hit or not, it's best to be proactive with your Mac's security by keeping its software up to date. You can access Apple's most recent updates by downloading them here or manually updating your software by following these instructions here.

Related on HuffPost:

FOLLOW TECH

From our partners


If you have yet to equip your Mac with Apple's latest Java update to protect it from the Flashback trojan said to infect over 600,000 devices, now might be a good time to do it. Apparently, there's an...
If you have yet to equip your Mac with Apple's latest Java update to protect it from the Flashback trojan said to infect over 600,000 devices, now might be a good time to do it. Apparently, there's an...
Related News On Huffington Post:
 

 
 
  • Comments
  • 796
  • Pending Comments
  • 0
  • View FAQ
Post Comment Preview Comment
To reply to a Comment: Click "Reply" at the bottom of the comment; after being approved your comment will appear directly underneath the comment you replied to.
View All
Favorites
Recency  | 
Popularity
Page: 1 2 3 4 5  Next ›  Last »  (11 total)
photo
aristippe
no more oil for war
246 Fans
09:57 PM on 04/17/2012
I caught one on my Mac
Permalink  |
photo
HUFFPOST SUPER USER
Lonnie DeVorak
262 Fans
06:33 PM on 04/17/2012
MAC's cannot get infected. I have been told that 1000 times.
Permalink  |
photo
PenguinLinux
got root ?
157 Fans
01:39 PM on 04/18/2012
You can spoof a MAC and in fact, you can infect a Mac; and both of those are indeed a fact. How 'bout that?
Permalink  |
photo
HUFFPOST SUPER USER
threnodymarch
Art is long, life is short.
897 Fans
 
04:31 PM on 04/17/2012
Can we please have a day where we don't have people fighting over Mac and Windows in the comments? Seriously, people. Some like Apple. Some don't. Stop arguing about it. Get over it.
Permalink  |
photo
PenguinLinux
got root ?
157 Fans
05:09 PM on 04/17/2012
I agree. Everyone should just use Linux so we can all get along. ;)-
Permalink  |
photo
stealthismatt
21 Fans
10:34 PM on 04/17/2012
I use osx on macbook and ubuntu on my netbook. might switch to mint in a few months... haven't decided.
Permalink  |
photo
HUFFPOST SUPER USER
Lonnie DeVorak
262 Fans
06:38 PM on 04/17/2012
I can tell who the MAC user is.
Permalink  |
photo
HUFFPOST SUPER USER
threnodymarch
Art is long, life is short.
897 Fans
 
08:35 AM on 04/18/2012
Who cares who uses what?
Permalink  |
This user has chosen to opt out of the Badges program
Lechiffre
224 Fans
02:02 PM on 04/17/2012
2 Macs for free at BEST BRO . Get it while its hot. its a one time opportunity.
Permalink  |
photo
PenguinLinux
got root ?
157 Fans
02:02 PM on 04/17/2012
People really need to stop equating "PC" to mean "Windows" and using it as such. "PC" means "Personal Computer", not Microsoft Windows. A PC is hardware. An operating system is software. HUGE difference.

Also, since a Macintosh isn't a mainframe, it's technically a PC.

Yes, I know... It's an epic failure on the part of most people who will probably never change, however using "PC" in the way most people use it, is incorrect.
Permalink  |
photo
Gravenstein
68 Fans
03:27 PM on 04/17/2012
"People really need to stop equating "PC" to mean "Windows" and using it as such."

Why, just because it bugs you?

They will continue, and you know what they mean, so learn to live with it.
Permalink  |
photo
PenguinLinux
got root ?
157 Fans
05:05 PM on 04/17/2012
Because it's incorrect. Whether it bugs me or not is irrelevant. I don't say "Google it" instead of saying "search for it" either since it's also incorrect.

I find it funny how easily people are trained. If the majority said they "Ford to work" instead of "Drive to work", I suppose that wouldn't be looked upon any differently than "PC" is.
Permalink  |
capitaldistrictgeek
6 Fans
05:11 PM on 04/17/2012
But the guy's right. It's not about whether it bugs him; it's about the fact that it's incorrect to equate "PC" with "PC Operating System". Honestly, it's like equating "Car" with "gasoline engine". Yes, many cars have a gasoline engine, but many others have diesel engines and yet others are electrical. I've even seen one that runs on steam.

One must also point out that not all gasoline engines are in cars. Some are in handheld devices like weed whackers, others are in gigantic fixed emplacements like building generators, and yet others are in airplanes.

Being sloppy with language is generally not healthy. It leads to sloppy thinking and poor reasoning. Far from learning to live with it, we should endeavor to correct it in the same way we strive to prevent children from grabbing onto hot frying pans and live electrical wires.
Permalink  |
This user has chosen to opt out of the Badges program
photo
Azterix
357 Fans
06:32 PM on 04/17/2012
I've been trying to correct people for these distinctions as well. They seem to forget what PC is abbreviated for. I've always thought that was fan boys' doing. Their grudges against MS/Windows were so sentimental. Remember the Mac vs PC ads?
Permalink  |
photo
HUFFPOST SUPER USER
Lonnie DeVorak
262 Fans
06:44 PM on 04/17/2012
One is a computer, the other is a wanna be computer.
Permalink  |
photo
HUFFPOST SUPER USER
euthman
291 Fans
 
11:12 AM on 04/17/2012
The remonstrations of PC apologists here represent false equivalence. Windows viruses are ubiquitous, protean, and can require dozens of steps, and sometimes specialized user expertise for removal. Mac viruses are rare, and so far, removing them has been a one-click process within the ken of any user. With the popularity of MacOS increasing, of course this system becomes a more appealing target for malware authors. But at this time, it's no contest. Those who are concerned about malware are much better off with a Mac.
Permalink  |
StopMakingSense2
1422 Fans
12:20 PM on 04/17/2012
Actually following your logic Lynix would be even better. In hacking contests Macs don't fare significantly better than PC's. PC's far outnumber Macs is the only reason there are more viruses for them!
Permalink  |
bassjam
64 Fans
12:34 PM on 04/17/2012
BS-Thats what PC owners want to think.With all the hype surrounding the "Mac's dont get viruses" thing,the POS's that write viruses would love to be the one that cracked it.I use both PC and Mac-In 5 years I have never had an issue with my Mac.My PC OTOH has had numerous issues.
Permalink  |
This user has chosen to opt out of the Badges program
Lechiffre
224 Fans
02:01 PM on 04/17/2012
Hacking slams ? lol! ur funny
Permalink  |
photo
HUFFPOST SUPER USER
TheSocialCapitalist
778 Fans
11:06 AM on 04/17/2012
Apple made a huge mistake not patching the original trojan quickly. It told the hackers that OSX was slow, and insecure. I imagine we will see a wave of viruses.
Permalink  |
photo
Gravenstein
68 Fans
03:29 PM on 04/17/2012
Imagine whatever you like, it doesn't make you right.
Permalink  |
photo
HUFFPOST SUPER USER
Lonnie DeVorak
262 Fans
06:46 PM on 04/17/2012
Dosent make him wrong either.
Permalink  |
photo
PenguinLinux
got root ?
157 Fans
01:38 PM on 04/18/2012
1) Reboot the Mac
2) Hold down the control + S keys
3) Watch the Mac "boot to root" without requiring a password.
4) Have full access fun.

This, boys and girls, is Apple's "Security" at it's finest.
Permalink  |
photo
keithistre
58 Fans
 
08:25 PM on 04/17/2012
At least they patched it. MS does not do that. It is curious that the malware was possible because of the MS product Word.
Permalink  |
DP00
0 Fans
12:29 PM on 04/23/2012
Oh, so Mac's are only impervious if all other software you want to install is perfectly written? Uhhhh... then how does the Mac actually protect you?
Permalink  |
photo
HUFFPOST SUPER USER
Drew Moyers
76 Fans
10:41 AM on 04/17/2012
But, but, Apple products are perfect in every way and revolutionary and life changing! They don't get viruses or Trojans! That's what all those commercials told me, and why would they lie?
Permalink  |
CaliforniaWiseGuy
40 Fans
11:10 AM on 04/17/2012
I've never heard or seen of an Apple commercial that says Apple computers are immune to viruses. Get real, please.
Permalink  |
photo
HUFFPOST SUPER USER
Drew Moyers
76 Fans
11:48 AM on 04/17/2012
Willful ignorance or just not paying attention for the past decade or so?

http://www.youtube.com/watch?v=GQb_Q8WRL_g
Permalink  |
HUFFPOST SUPER USER
hairydodger
149 Fans
03:30 PM on 04/17/2012
Maybe you should be interested in updating your thought patterns?
Permalink  |
photo
PenguinLinux
got root ?
157 Fans
10:39 AM on 04/17/2012
Meanwhile Linux, Unix, and xBSD users just keep on truckin'..........
Permalink  |
StinkyPete0279
85 Fans
01:18 PM on 04/17/2012
By "keep on truckin'" I can only assume you mean "continue growing their neckbeards and begging their parents for money to buy a new video card"
Permalink  |
photo
PenguinLinux
got root ?
157 Fans
01:58 PM on 04/17/2012
My parents are dead. - Fail 1 for you.
I don't have a neckbeard - Fail 2 for you.
I have my own house - Fail 3 for you.

Swing batter ...swing batter batter MISS MISS MISS!!
Permalink  |
photo
HUFFPOST SUPER USER
henryptnm
72 Fans
10:17 AM on 04/17/2012
I was talking with a guy who owns 2 Macs. He told me they can get viruses not as bad as PCs. But he recommends a Virus Barrier for it. It is called: Intego. It is under, www.intego.com. It is a virus barrier especially made for Macs. It is in the internet. Look it up.
Permalink  |
rabbitz
180 Fans
10:08 AM on 04/17/2012
it is a hoax- mac cant get viruses, worms, or Trojans
Permalink  |
nroshon10
309 Fans
10:06 AM on 04/17/2012
Thanks Huff!!! You reminded me to check out my recent updates, clean up a few things and stay on the lookout this week! Very helpful :)
Permalink  |
photo
Rick Eriksen
1203 Fans
09:58 AM on 04/17/2012
The second ad for Apple in a minute passng as a news story...either Apple has way yoo many problems and keeps getting bad news everyday, or HP owns a lot of thier stock and every day just prints anything with the word Apple in it to do whatever they can to promote that slave loving non tax paying criminal enterprise...
Permalink  |
photo
HUFFPOST SUPER USER
bring in swat
198 Fans
09:50 AM on 04/17/2012
don't say it...the "perfect garden" has weeds!?!?!?!? it can't be so. blah, who cares...macs have never been safe from attack, no one cared enough. now that the users have proven to be willing to spend vast amounts or income on Anything apple releases, will to put their personal info/banking/credit card #'s across their itouch/iphone/ipad/airbook/mac books while carry them all in one Big iBag...wait until they figure out the virus is a straw man to get to the personal data/CC#'s...it's a virtual $$$ Buffet! happy eating!
Permalink  |
jezzgeo
111 Fans
11:03 AM on 04/17/2012
this is similar to what i've been saying for a long time now, too. well said.
Permalink  |
OBAMAMOI
Nature does nothing useless
240 Fans
09:41 AM on 04/17/2012
Where’s the I-con.dom ? ..Oh I forgot, Steve is de.ad and Apple is alive...
Permalink  |
 
Page: 1 2 3 4 5  Next ›  Last »  (11 total)