Guys, there is a worm out for macs. Here is a link to the article.
http://www.iclarified.com/44390/new-macbackdooriworm-threat-has-infected-over-18500-macs
I've just created an extension attr, and a smart group to monitor if this happens to one of ours.
+6My extension attribute checks two places:
-d /Library/Application Support/JavaW
-f /private/var/root/.JavaW
It looks like the iWorm method of infection has been identified. The transmission is not automated and requires active human intervention and admin privileges for the Trojan to be installed:
+24Thanks for the link Rich. Good to hear its more a people problem than an actual flaw in the OS that's being exploited. Not that its that surprising. People being dumb is often the way things like this spread. Makes an excellent case against touching pirated software, that's for sure.
Enter your E-mail address. We'll send you an e-mail with instructions to reset your password.
