
New “Pintsized” Mac Malware Beware

Feb 20, 2013

Just when all Mac users snobbily assumed they were hack-free, well, guess again. A new backdoor Trojan for OS X, called “Pintsized” by Intego, is making an appearance. It’s suspected of using a modified version of OpenSSH to set up a reverse shell, which in turn creates a secure connection to a remote server, leaving it prepared to steal data.

Since the encrypted connection uses the common SSH protocol, it is hard to detect and trace. The “Pintsized” malware also hides in plain sight by disguising its files to look like components of the OS X printing system.

File names reported are:

com.apple.cocoa.plist
cupsd (Mach-O binary)
com.apple.cupsd.plist
com.apple.cups.plist
com.apple.env.plist
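
As an added example (not code from Intego or from this blog), here is one way to sweep a directory tree for the reported names, keeping a `cupsd` hit only when the file really is a Mach-O binary, as the list above describes. The function names `sweep` and `is_macho` are hypothetical, and a hit is a lead to review, not a verdict: the genuine CUPS daemon is also called `cupsd`.

```python
import os
import struct

# File names reported on this page (attributed to Intego).
REPORTED_NAMES = {
    "com.apple.cocoa.plist", "cupsd", "com.apple.cupsd.plist",
    "com.apple.cups.plist", "com.apple.env.plist",
}

# Mach-O magics: 32-bit, 64-bit and fat (universal), in both byte orders.
# 0xCAFEBABE is shared with Java class files, so treat it as a hint only.
MACHO_MAGICS = {
    0xFEEDFACE, 0xCEFAEDFE, 0xFEEDFACF, 0xCFFAEDFE, 0xCAFEBABE, 0xBEBAFECA,
}


def is_macho(path):
    """Return True if the file starts with a Mach-O or fat-binary magic."""
    try:
        with open(path, "rb") as fh:
            head = fh.read(4)
    except OSError:
        return False  # unreadable files cannot be confirmed either way
    return len(head) == 4 and struct.unpack(">I", head)[0] in MACHO_MAGICS


def sweep(root):
    """Walk root and return sorted (path, note) leads for the reported names."""
    leads = []
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            if name not in REPORTED_NAMES:
                continue
            path = os.path.join(dirpath, name)
            if name != "cupsd":
                leads.append((path, "plist name from the reported list"))
            elif is_macho(path):
                # The page lists cupsd as a Mach-O binary; skip look-alikes.
                leads.append((path, "Mach-O binary named cupsd"))
    return sorted(leads)


if __name__ == "__main__":
    import sys
    for path, note in sweep(sys.argv[1] if len(sys.argv) > 1 else "/"):
        print(f"{path}\t{note}")
```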

According to Intego, “It’s believed that this was a targeted attack, perhaps dropped by an exploit. At the time of writing, all of the network components have been sinkholed so it’s unable to receive commands.”

 

Rachel Gilliland

Toronto Professional Services Team
