SabPub Trojan Strikes Again on Mac platform

Asked By 0 points N/A Posted on -

SabPub is another malware targeting Macs.

I heard that it can penetrate through ordinary anti-virus,

So how can I avoid this malware?

Best Answer by Sharath Reddy
Answered By 0 points N/A #158815

SabPub Trojan Strikes Again on Mac platform


Hi there,

The new trojan is named Backdoor.OSX.SabPub, or SabPub for short. 
Costin Raiu, the computer security expert from Kaspersky said that SabPub was originated on February 2012. 
The malware was first distributed by phishing emails or spams, but once it get caught on a computer, 
the virus begins infecting and spreading via Microsoft Office documents.
SabPub uses Java exploit Flashback to get rid of antivirus software's detection.
Computers affected with the SabPub virus are more vulnerable to intruders, accessing the contents of the 
hard drive remotely. It is believed that computers are being infiltrated by intruders , with attackers personally 
rummaging through – and downloading – victims' files and documents.
The intruders are able to take screen shots and even can take control of infected computers remotely.
If your computer gets affected by Flashback, there's no cure for SabPub yet. The only way is to keep your 
antivirus software up to date and Consistently checks for solutions over internet.
Best Answer
Best Answer
Answered By 590495 points N/A #158816

SabPub Trojan Strikes Again on Mac platform


A security researcher named Costin Raiu working at the Kaspersky Lab has discovered another Mac OS X Trojan virus. It is called Backdoor.OSX.SabPub.a or simply “SabPub”. Actually, there are already two variations of the SabPub virus that are being distributed by means of Java exploits. The virus utilizes Java exploits to contaminate a Macintosh computer then it will connect to a remote website and will then wait for instructions.

The possible instructions may include taking of screenshots of the Mac computer and most especially running commands. The Trojan virus acts as a remote control being controlled on a remote computer and executes every command it receives. According to Costin Raiu, the Java exploits appear to be very standard and have been concealed by means of ZelixKlassMaster which is a flexible and somewhat powerful Java obfuscator.

The discovery of the SabPub virus happened after a heightened alert against the Flashback Trojan virus which already infected more than 600,000 Macintosh computers all over the world. The first variant of the SabPub virus was discovered around February of 2012,and the manner of infection appears to be in targeted attacks.

This limits the ability of the virus to make widespread invasions like what the Flashback Trojan virus did. The second variant of the SabPub virus which was already named above was somewhat distributed as a DOC file.

Related Questions