If you were counting on OS X to provide you with security by obscurity, it may be time to re-think your tactics. Just days after an exploit was found in Lion that allowed unauthorized changes to user passwords, security researchers have now unveiled a Trojan that could steal data by taking screenshots.
This new threat consists of two stages. First, a downloader is installed when a user executes an infected file. As it downloads the full Trojan, it opens a PDF that contains political rabble-rousing that might get you a bit rowdy – if you can read Chinese. Once the malware is installed, it connects to a remote server which can command it to take screenshots or archive files.
Researchers have noted that the Trojan is relatively harmless so far because it is not actively receiving instructions from the remote server it connects to. That could change at any time, however, so be sure to keep your malware definitions up to date and watch for PDF files that seem to open randomly.
Users who do not have anti-malware software can also try to check for this Trojan by opening Activity Monitor and hunting for a process labeled “checkvir”. Note its location, stop it (using Activity Monitor) and then attempt to delete it.
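The same check can be done from Terminal. The script below is an added example, not part of the original article or the researchers' report: it lists running processes whose executable is named exactly `checkvir` and prints each PID with its location. The function names, the `--live` switch and the sample `ps` lines are constructed for illustration.

```shell
#!/bin/sh
# Added example: report processes whose executable is named exactly
# "checkvir" (the process name given in the article), with their location.

TARGET="checkvir"

# Reads lines in `ps -axo pid=,comm=` format ("  PID /path/to/executable")
# on stdin and prints "PID<TAB>PATH" for every exact basename match.
find_suspect() {
    while read -r pid path; do
        [ -n "$pid" ] || continue        # skip blank lines
        # Compare the basename only, so "checkvirus-scanner" or a directory
        # named checkvir does not match. The path may contain spaces.
        name=${path##*/}
        if [ "$name" = "$TARGET" ]; then
            printf '%s\t%s\n' "$pid" "$path"
        fi
    done
}

# Constructed sample input (not captured from an infected machine).
sample_ps() {
    cat <<'EOF'
    1 /sbin/launchd
  214 /Applications/Safari.app/Contents/MacOS/Safari
  733 /Users/example/Some Folder/checkvir
  801 /usr/local/bin/checkvirus-scanner
  950 /opt/checkvir/bin/helper
EOF
}

# Scan the processes actually running on this machine.
scan_live() {
    ps -axo pid=,comm= | find_suspect
}

# Usage: sh thisfile.sh --live
if [ "${1:-}" = "--live" ]; then
    scan_live
fi
```

An empty result means no process with that name is currently running; it does not prove the downloader was never executed.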
My opinion is that anyone running Mac should now be relying on some form of anti-malware software, such as Sophos Anti-Virus Free or iAntivirus. As OS X grows in popularity, threats targeted at it will only become more common.
Source & Image Credit: CNET