Wednesday, May 6, 2009

New worm targeting Mac OS X spreads via email and network shares

New Mac OS X worm: time to get worried?

Symantec says a new worm targeting Mac OS X spreads via email and network shares. But is it really a threat? According to Symantec, the Tored worm spreads through network shares and by emailing itself to addresses gathered from the infected computer's Address Book.

It opens a back door to the computer, allowing it to be conscripted into distributed denial of service attacks as well as logging keystrokes (which could be used to steal passwords and other confidential information).

There is no indication that Tored can execute without user intervention. For example, Symantec does not seem to suggest that there are any issues with Mac OS X mail clients that could cause the code to be automatically executed when the message is opened.

The company says there are a very small number of Tored infections at no more than two sites, and that the worm is easily contained and removed, and does little damage.

Tored has been given a risk level of 1, the lowest on Symantec's scale.

No comments: