OS X 10.10 breached: malware installs adware without a password prompt!

Status
Not open for further replies.

JM Safe
Apr 12, 2015
Good day everyone.

Last week a zero-day vulnerability in OS X was announced without Apple having been warned beforehand. Apparently the vulnerability has already been exploited by malware writers. Adam Thomas, a researcher at the company Malwarebytes, has identified an adware installer (an application that installs software that displays ads) after noticing changes to the sudoers configuration file, a hidden file in Unix that determines, among other things, some of the root permissions in a Unix shell. In this case, the change to the sudoers file gives the app root permission without the user being prompted for a password.

The vulnerability involves the new error logging system in the latest versions of OS X, specifically the DYLD_PRINT_TO_FILE function. The script shows that it can install, without a password, the adware VSearch, a variant of Genieo (another adware), and redirect the user to a specific page on the Mac App Store. It also installed the junkware MacKeeper. But that is only what the script does right now; technically, once it has taken control of the system, it is able to install anything without a password.

The researcher who discovered the vulnerability had explained that it was present in OS 10.10.4 but not in the beta of the future OS X 10.11 El Capitan, a sign that Apple is probably aware of the problem. It should not be too complicated to issue an update, though it is now becoming urgent to do so, since it has been demonstrated that there are already people in circulation who have exploited the bug.

Continue reading...
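A defender's check for the sudoers change described in the post, as an added example that is not part of the original post: it scans sudoers text for active entries that skip the password prompt. The sample file, the user names `alice` and `bob`, and the function names are constructed for illustration.

```python
import re
import sys

# Constructed sample (not taken from the post): ordinary rules plus entries
# that let sudo run commands as root with no password prompt.
SAMPLE_SUDOERS = """\
# sudoers file (constructed sample)
Defaults env_reset
root    ALL=(ALL) ALL
%admin  ALL=(ALL) ALL
# alice ALL=(ALL) NOPASSWD: ALL
alice   ALL=(ALL) NOPASSWD: ALL
bob     ALL=(root) NOPASSWD: /usr/bin/true, \\
        PASSWD: /usr/bin/less
"""

NOPASSWD_TAG = re.compile(r"\bNOPASSWD\s*:")
NO_AUTH_DEFAULT = re.compile(r"^Defaults\S*\s.*!authenticate\b")
COMMENT = re.compile(r"^#(?!\d|include)")  # "#0" is a uid, "#include" a directive


def logical_lines(text):
    """Yield (first_line_number, joined_line), folding backslash continuations."""
    buf, start = "", None
    for num, raw in enumerate(text.splitlines(), 1):
        start = num if start is None else start
        if raw.endswith("\\"):
            buf += raw[:-1]
            continue
        yield start, buf + raw
        buf, start = "", None
    if start is not None:  # file ended on a dangling continuation
        yield start, buf


def find_passwordless_rules(text):
    """Return [(line_number, rule)] for active entries that skip the password prompt."""
    hits = []
    for num, line in logical_lines(text):
        rule = " ".join(line.split())
        if not rule or COMMENT.match(rule):
            continue
        if NOPASSWD_TAG.search(rule) or NO_AUTH_DEFAULT.match(rule):
            hits.append((num, rule))
    return hits


if __name__ == "__main__":
    # Pass a path to a copy of the sudoers file, or run with no arguments for the sample.
    data = open(sys.argv[1]).read() if len(sys.argv) > 1 else SAMPLE_SUDOERS
    for num, rule in find_passwordless_rules(data):
        print(f"line {num}: {rule}")
```

The script does not follow `#include` or `#includedir` directives, so any included files need to be scanned separately.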
