IT Pro is supported by its audience. When you purchase through links on our site, we may earn an affiliate commission. Learn more

Mac OS X gets first ever crimeware kit

Mac OS X users are being targeted by the first ever crimeware created for the operating system.

Apple Mac

The first ever crimeware kit targeting Apple's Mac OS X has been spotted, featuring stark similarities to the popular Zeus toolset targeting Windows PCs.

The DIY kit can grab forms from Firefox running on the Apple OS, meaning passwords could be taken, alongside other information the victim types in the browser, Danish security firm CSIS reported.

Consisting of a builder and an admin panel, the kit has been advertised on a number of closed underground forums.

"The kit is being sold under the name Weyland-Yutani BOT and it is the first of its kind to hit the Mac OS platform. Apparently, a dedicated iPad and Linux release are under preparation as well," said Peter Kruse, partner and security specialist at CSIS, in a blog post.

Kruse said the kit only enabled web injects and form grabbing in Firefox at the current time, but warned both Chrome and Safari "will soon follow."

"CSIS finds this crimekit to be quite disturbing news since Mac OS previously to some degree has been spared from the increasing amount of malware which has haunted Windows-based systems for years," he added.

"This could have resulted in a false sense of security that might make Mac OS user especially vulnerable to a sudden and highly sophisticated attack."

Mac issues

Mac users can expect increasing numbers of attacks in the future as hackers look towards a wider range of platforms, according to experts.

Sophos today warned of a poisoned Google SEO attack affecting both Mac and Windows users.

A number of search terms have been targeted, including ones based around global warming and more current topics like Osama bin Laden's death, attempting to lure users into downloading a fake anti-virus program called MacDefender.

Even after infection, the user will be repeatedly bombarded with fake warning messages to encourage them to pay for non-existent threats to be removed, Sophos said.

Featured Resources

The state of Salesforce: Future of business

Three articles that look forward into the changing state of Salesforce and the future of business

Free Download

The mighty struggle to migrate SAP to the cloud may be over

A simplified and unified approach to delivering Enterprise Transformation in the cloud

Free Download

The business value of the transformative mainframe

Modernising on the mainframe

Free Download

The Total Economic Impact™ Of IBM FlashSystem

Cost savings and business benefits enabled by FlashSystem

Free Download

Recommended

Chrome vs Firefox vs Microsoft Edge
web browser

Chrome vs Firefox vs Microsoft Edge

19 Jul 2022
Apple cuts ties with Jony Ive after 30 years
Hardware

Apple cuts ties with Jony Ive after 30 years

13 Jul 2022
Best business smartphones 2022: The top handsets from Apple, Samsung, Google and more
Mobile

Best business smartphones 2022: The top handsets from Apple, Samsung, Google and more

23 Jun 2022
Best business laptops 2022: Acer, Asus, Dell and more
Laptops

Best business laptops 2022: Acer, Asus, Dell and more

13 Jun 2022

Most Popular

Why convenience is the biggest threat to your security
Sponsored

Why convenience is the biggest threat to your security

8 Aug 2022
How to boot Windows 11 in Safe Mode
Microsoft Windows

How to boot Windows 11 in Safe Mode

29 Jul 2022
Microsoft successfully tests emission-free hydrogen fuel cell system for data centres
data centres

Microsoft successfully tests emission-free hydrogen fuel cell system for data centres

29 Jul 2022