SabPub: New Mac OS X Trojan Detected

# Tips

It was not so long since Apple released Java security update that removes most common variants of the Flashback malware which was available with software update, and now here comes SabPub; the new Mac OS X trojan.

Kaspersky Lab security researcher, Costin Raiu has discovered another another Mac OS X Trojan called Backdoor.OSX.SabPub.a or SubPub. Raiu reported that the malware seems to be spreading through Word documents that exploit the CVE-2009-0563 vulnerability which are related to a stack-based buffer overflow in Office on the Mac.

Sub Pub

Image credits to securelist.com

It was also reported that the SabPub Trojan is a custom OS X backdoor and have been designed for use in targeted attacks. If SabPub was activated on an infected system,it connects to a remote web site and taking screenshot of Mac’s user executing commands.

Currently there is no fixes update from Apple.

Juan is a Design & Tech Blogger with strong interest in digital art, human computer interaction, enterprise system and system automation.

Category Tips // Tags , ,