The OSX/Hovdy-A Trojan horse, which relies on the user giving it permission to install itself, is an attempt to steal passwords, open firewall to give access to hackers, and disable security settings.
The Hovdy-A Trojan horse takes advantage of a vulnerability in Apple’s Mac OS X operating system, affecting the Apple Remote Desktop Agent (ARDAgent), to gain root access. Once the user has given permission and installed the OSX/Hovdy-A Trojan horse, the hacker can gain complete control of the compromised Macintosh – covering its tracks by disabling system logging.
This Trojan horse relies on the user giving it permission to install. Using social engineering techniques, the Trojan horse could be disguised as a game, a video codec, etc.
When run the Trojan will attempt to install itself to the /Library/Caches folder and perform the following tasks:
– disable system logging and delete system log files
– start PHPShell and web server
– start ARD, VNC and SSH services
– disable system updates
– open ports in the firewall
– disable third party security software
– steal various password hashes and keys which may be used to compromise other systems
OSX/Hovdy-A will also attempt to use the ARDAgent vulnerability to obtain root access.
More info via Spohos here.
MacDailyNews Note: As always, do not download, authorize, and install software from unknown, untrusted Websites or any other sources.
Let FUD begin!
When some calls me on the phone and asks for SS# should I do that?
mine 555-55-FIN dorks!!!!
virus free and still no firewall know anti virus…… I guess I am just lucky
Unfortunately, no anti-malware software can protect against ID-10T errors.
Did you read the article? I’m sure most of us have installed an application at some point. I’ll typically source apps through versiontracker, I’ll read the comments and note the number of people who have downloaded the application etc. This isn’t fool proof, but it’s the best that I know of.
Any suggestions?
nice 1 Jay-z
” width=”19″ height=”19″ alt=”grin” style=”border:0;” />
But, but, but, MAC’s never get viruses, I thought!
Ah hahahahahahahaha!
You man-pudding swallowing homo MAC fags get what you deserve.
All high and mighty and now you’ve got viruses, too!
Told you, you baby batter eating homo MAC fags.
You get what you deserve. Your MAC is the same as my Windows PC now, you gay fags.
I’ve been waiting for this day for so long!
Ah hahahahahahahaha! Stupid MAC fags overpaying for nothing. Enjoy your viruses, you H-mo sausage smugglers!
I believe RON was molested as a child.
Oh my. Little angry are we? Do you kiss your mother with that filthy mouth?
This isn’t a virus, btw…
Are all Windows users that angry? I find it amusing.
Dear Ron:
You are a dipshit. Crawl back in your 8th grade locker and stop commenting on things you know nothing about.
This is NOT a virus you moron. Even if it WERE…it would still be 144,000 (yes that’s the real number) to ONE in seven years since the introduction of OS X…But again..this is NOT a virus.
You are only proving what we all know. The vast majority of PC users are simply not very smart.
@ron
Yes, let’s celebrate that finally we can get to know a computer virus and experiment what windoes users fell every day…… oh crap, I forgot that they also suffer from bad crappy bad copy windows bugs, malware, adware and that all stuff… forget, let keep boring with our Macs that JUST WORKS!
We see asswipes like you all the time. Makes us sleepy. Ha!
@ RON: ok, ron, you fsking dumbass… We don’t over pay for one thing. Our computers are usable… Our computers are good looking… Our computers are fast, your computers slow down over time, have 9.000,000,000,000,000,000,000 viruses made for it, and just plain suck, IE is a joke, windows firewall is a joke, the windows GUI is a joke gone bad. There is one freakin virus for mac? verses the 9 trillion+ for PC? I like my odds on a mac…
PS, have fun using windows mobile on your motorolla…
The trojan can act like a porn video, that’s how you download it. The next button you press will activate it. You have been warned.
Ron,
you need to get over being touched by your uncle and calm down enough to realise that a trojan is totally different to a virus.
@ron
A virus self replicates and self installs. This is a Trojan, fool.
You are right, we get what we deserve, that is a superior safer more intuitive elegant snappier computing environment.
Believe me, we all get what we deserve.
Get a life Ron
The more popular the Mac gets, the more Trojans will appear. Lets just hope a fully working virus isn’t released for the Mac
” width=”19″ height=”19″ alt=”ohh” style=”border:0;” />
OMG!!!! THE TROJANS ARE COMING. ABANDON YOUR MACS IN THE STREET!! UNPLUG YOUR INTERNETS!! BUY SECURITY SOFTWARE FROM SECUNIA!! EJECT ALL YOUR FLOPPIES AND FOR FRAK’S SAKE, SWITH TO VISTA!!
S-W-I-T-C-H TO V-I-S-T-A-A-A-A!!!!
I thought Ron was funny, whether he meant it or not.
BTW, does anyone know roughly how many Mac have actually been laid to waste by this Trojan? I’m sure Ron would like to know.
And while I’m at it, what’s an HMO sausage smuggler? I didn’t realize medical care included sneaking bratwurst out of the grocery store. I may have to give Blue Cross/Blue Shield a call!
@HMCIV: NO SHIT!!! WINBLOWS VISTA IS SOOO MUCH BETTER THAN OS X!!!! AS WE SPEAK, I’M PUTTING MY MAC ON EBAY AND BUYING A DELL!!! AND PS, FLOPPIES ARE THE SCHIZZ MAN!!! haha
Hey MacLovin,
We’re farther ahead than you give us credit for. As the above posts indicate, a trojan isn’t a virus.
That takes us back to:
Windblows PC – 144,000+
Mac OSX – 0
You know what the irony of all this is? I have been manually removing viruses, Trojans, and spyware from Windows systems for so long that it is almost second nature. But I have no clue where to start on a Mac, and I have been using them since 1984.
Okay, we’ve had enough fun of sad, sick Ron.
Now, on to the big question:
What should I be looking for to discern if I’ve been infected or not?
@ Ron
Lighten up, Francis.