Wednesday, September 26, 2012

New OSX/Imuler.B Variant Spotted by Researchers

Warning Apple LogoResearchers over at F-Secure have recently discovered a new variant of the data-stealing Mac malware, OSX/Imuler.B, which is believed to be targeting Tibetan rights activists.

F-Secure researchers say that the latest Imuler.B variant is similar to its predecessor, OSX/Imuler.A; however the new build is configured to “exit” if Wireshark, a popular network protocol analyzer, is detected on the target machine.

Imuler.B exits if Wireshark is found
Screenshot Credit: F-Secure


Aside from setting Imuler.B to dodge Wireshark, the malware’s authors optimized the code and switched the command and control server to ouchmen.com.

Should Imuler.B manage to find its way onto your machine, it will steal system information and take desktop screenshots as it is instructed via its command and control server.  Any data collected by the malware will then be relayed back to the command and control servers, at which point the attackers can use it as they please.

F-Secure didn't say how they came across the new variant, but earlier this year Sophos found that cybercriminals were using pictures of swimwear models to spread Imuler malware, so Mac users are advised to exercise caution when downloading files online to avoid infection.

Aside from that, it’s always a good idea to run antivirus software, even on a Mac. Sure, threats targeting OS X may not be as common as they are on Windows, but they do exist and it’s always better to be safe than sorry.

Don’t miss out on the latest tech news and computer security alerts! Follow us on Twitter at @hyphenet,  “Like” us on Facebook or add us to your circle on Google+.

No comments:

Post a Comment