[FSec] Our Mac Antivirus Blocks Java Exploits

Newsfeed

Nachrichtenbote
Yesterday, two of our analysts, Brod and Timo, tested a Facebook/Apple hack related Java exploit with our Anti-Virus for Mac.

And the result?

Our Mac AV blocked the exploit with a generic detection (created Nov. 19th 2012) called: Exploit:Java/Majava.B.

2013-02-21_MaJavaB.png


Nice!

So, how is the sample related? On February 15th, Mac malware samples were shared via a "Mac malware" mailing list. In the follow up discussion, two file hashes were shared, one of which is available via VirusTotal. And that sample turned out to be a Java exploit that drops a Windows backdoor. Brod analyzed the backdoor (detected as Trojan.Generic.8282738) and discovered that it attempts to connect to digitalinsight-ltd.com, one of the sinkholed C&Cs related to Friday's Mac malware.

Our generic detection, Exploit:Java/Majava.B, is used by our cross-platform antivirus scanning engine, so our Windows customers are protected, too. Our thanks to the analyst who shared the file hash (she knows who she is).
On 22/02/13 At 10:35 AM

Weiterlesen...
 
Zurück
Oben