Again Trojan appeared to attack Mac OS

Over the weekend, the security community said they had discovered a new Trojan code that could potentially attack Apple's Mac OS.

The anti-malware security firm that attacks the Mac operating system, SecureMac, in the last security warning message released last Thursday, said the AppleScript.THT Trojan was released through a number of malicious websites by hackers. In addition, this malicious code is also distributed through Apple's instant messaging service iChat.

AppleScript.THT is classified as "extremely dangerous" by SecureMac.

SecureMac said AppleScript.THT attacks the newly discovered security vulnerability in Apple Remote Desktop Agent (ARDAgent) - the department that performs Tiger and Leopard's remote device management functions. If successful the Trojan will allow remote hackers to gain full control of ARDAgent.

" If successful penetration into the system, this malicious code will allow hackers to gain complete control of the user's PC. It can also transfer the system administrator account login and password to private. Hackers, avoid detection by opening separate operating ports on the firewall system or turning off system activity logging , "SecureMac said.

Again Trojan appeared to attack Mac OS Picture 1 " In addition, this trojan also has a built-in keylogger that captures all actions on the keyboard, controls photos taken using Apple iSight Camera for operating on the screen and activates the file sharing feature. believe ".

SecureMac's warning was broadcast one day after some details about the ARDAgent security error were revealed on the famous website Slashdot.org. On the same day, security firm Intego also provided some additional information about the error.

Intego said AppleScript, if successful, would allow hackers to gain access to the system "root" level - the highest level of access in an Linux-based operating system.

" When a malicious code has access to the" root "level, it can cause inconvenient consequences, it can delete all files or change settings on the system or even set up actions. The case is done periodically ".

However, like other Trojans, AppleScript.HTT cannot start automatically but requires user intervention such as downloading and activating it.

Some security experts do not appreciate the Trojan and say users can protect themselves from this Trojan by removing ARDAgent.