Gordon Maddern, using a payload derived from the Metasploit framework, was able to send colleagues malicious messages that are able to execute on their remote machines. The Register’s Dan Goodin reports that while Maddern didn’t clarify what specific interactions were needed on the receiver’s end to activate the payload, access to a victim’s machine may potentially give attackers the ability to spread the infection to other machines on the local network, or again via Skype.
The long and the short of it is that an attacker needs only to send a victim a message and they can gain remote control of the victim’s Mac. It is extremely wormable and dangerous.
This news follows a week where Google Images became a vector to spread malware on OS X.
Taking advantage of how Safari handles downloads by default, MacDefender malware (read below) has been targeting users browsing Google Images. It scares recent converts with the possibility that their machines are infected and asks them to install software to remove the threat. Of course, people still fall for these common methods of attack, and new Mac users may not be fully aware of how their new machines operate.
MacDefender Malware Targets:
It is a new piece of malware that is quickly spreading among Mac users who use the Safari browser to visit certain websites, especially Google Images.
The application, disguised as a virus scanning tool and completely unrelated to the official MacDefender software, gets installed automatically without a user’s consent upon opening a webpage, although it’s not clear what kind of websites allow this kind of installation, and whether MacDefender “phones home” once running on a Mac to download additional pieces of code (like most malware on Windows does). Some users are reporting they found the app installed on their Macs after visiting webpages linked on Google Images, some say it’s only happening with the Safari desktop browser, and others claim the app can’t be removed with a simple drag & drop to the system’s Trash as, once installed, the process will begin running automatically on OS X. Again, it’s not clear what kind of malware MacDefender.app is and the proportion of this “spreading” across Mac OS X machines, but the discussion on Apple Support Communities seems to suggest at least hundreds of people have experienced the issue in these past few days.
Today, Ed Bott from ZDNet detailed what an attack might look like if it happens to you.
Update: This evening, Skype made a statement on their security blog saying that the issue has already been fixed.
This vulnerability, which they blogged about earlier today, is related to a situation when a malicious contact would send a specifically crafted message that could cause Skype for Mac to crash. Note, this message would have to come from someone already in your Skype Contact List, as Skype’s default privacy settings will not let you receive messages from people that you have not already authorized, hence the term malicious contact.
A hotfix was released in version 184.108.40.2062 of Skype for Mac on April 14th. If you haven’t yet updated to a more recent version, now would be the time to launch the Skype app and check for an update HERE (Direct Link for Skype).