• DETECTS, ISOLATES & REMOVES SPYWARE
  • Detects over 10000 blacklisted tracking cookies
  • Internet Clutter Cleanup
  • Free Definition Updates
  • No Subscription Fees

Macscan; Detects, Isolates and Removes Spyware
Order anytime!

MacScan Advisories

OSX/WireLurker.A 1.0
View All


MacScan Poll

  • How often do you run MacScan?

    View Results

    Loading ... Loading ...

Security Advisory: AppleScript.THT Trojan Horse

June 19, 08

SecureMac has discovered multiple variants of a new Trojan horse in the wild that affects Mac OS X 10.4 and 10.5. The Trojan horse is currently being distributed from a hacker website, where discussion has taken place on distributing the Trojan horse through iChat and Limewire.

sample
Advisory: AppleScript.THT Trojan Horse
Discovery: June 19th, 2008
Security Risk: Critical

SecureMac has discovered multiple variants of a new Trojan horse in the wild that affects Mac OS X 10.4 and 10.5. The Trojan horse is currently being distributed from a hacker website, where discussion has taken place on distributing the Trojan horse through iChat and Limewire.

The Trojan horse runs hidden on the system, and allows a malicious user complete remote access to the system, can transmit system and user passwords, and can avoid detection by opening ports in the firewall and turning off system logging. Additionally, the AppleScript.THT Trojan horse can log keystrokes, take pictures with the built-in Apple iSight camera, take screenshots, and turn on file sharing. The Trojan horse exploits a recently discovered vulnerability with the Apple Remote Desktop Agent, which allows it to run as root.

The Trojan is distributed as either a compiled AppleScript, called ASthtv05 (60 KB in size), or as an application bundle called AStht_v06 (3.1 MB in size). The user must download and open the Trojan horse in order to become infected. Once the Trojan horse is running, it will move itself into the /Library/Caches/ folder, and add itself to the System Login Items.

Protection: To protect your system against this threat, run MacScan 2.5.2 (MacScan is a product of SecureMac) with the latest Spyware Definitions update (2008011), dated June 19th, 2008. SecureMac recommends that users download files only from trusted sources and sites.

Resources: PDF Advisory

About MacScan:
 MacScan quickly detects, isolates and removes spyware from Macintosh computers using both real-time spyware definition updating and unique detection methods.  The software also manages internet-related clutter on your computer. It is designed for Mac OS X version 10.2.4 and later, and is compatible with OS X 10.5 (Leopard). For more information, or to download a demo version of MacScan, visit http://macscan.securemac.com.

About SecureMac: 
Since 1999, SecureMac.com has been at the forefront of Macintosh system security. The site not only features complete Macintosh Anti-Spyware and Antivirus solutions, but also operates as a clearinghouse for news, reviews and discussion of Apple computer security issues. Users from novice to the most advanced will find useful information at SecureMac that is designed to make their computer experience trouble free. SecureMac can be contacted by e-mailing macsec@securemac.com or by calling the office at 702-924-0881.



Featured Retailers Frys Electronics Micro Center Office Max Tekserv The Mac Mall
Connect to Us Follow @MacScan on twitter Follow MacScan on Facebook


home | about | download | purchase | support | spyware list | mailing list | User Groups | affiliates | MacScan Blog | contact
MacScan is a product of SecureMac. MacScan and the red lock are © 2009-2014 SecureMac.
SecureMac.com, Inc.