New malware targeting MAC OS X
November 18, 2008 by Marcos Christodonte II
Trend Micro reports of a new form a malware targeting MAC OS X. The malware, called OSX_LAMZEV.A, can download itself when a user visits a compromised website, or when a user downloads it thinking it’s a legitimate program.
According to Trend:
It prompts the user to select an application and port number above 1024. This may serve as a backdoor whenever the application is opened.
It creates the file /tmp/com.apple.DockSettings and is copied to ~/Library/LaunchAgents. It is then deleted once it has been loaded. This routine allows the backdoor to execute during system startup
The full article can be found here.