This is and was the situation when writing the entry. More information and information about the possibly previously unknown vulnerability related to the Trojan is not available.
Now Symantec analysis says that -Trojan creates the file /tmp/com.apple.DockSettings -inserts its contents into ~/Library/LaunchAgents, and -deletes /tmp/com.apple.DockSettings. Source: http://www.symantec.com/business/security_response/writeup.jsp?docid=2008-111315-1230-99&tabid=2 Juha-Matti Mario D [EMAIL PROTECTED] kirjoitti: > They may be under pressure from Apple to not release details. Remember the > MacBook wireless drama? > > --- On Fri, 11/14/08, rholgstad <[EMAIL PROTECTED]> wrote: > From: rholgstad <[EMAIL PROTECTED]> > Subject: Re: [Full-disclosure] OS X malware family has a new member: > OSX.Lamzev.A > To: "Juha-Matti Laurio" <[EMAIL PROTECTED]> > Cc: [email protected] > Date: Friday, November 14, 2008, 12:27 PM > > Sweet more non-tech writeup from securiteam. I am beginning to wonder if > securiteam is really a technical company or just a bunch of clueless > journalists like Nate McFeters. > > Juha-Matti Laurio wrote: > > New Trojan horse for Mac OS X found, the Trojan is known as OSX.Lamzev.A > by Symantec. > > > > A short history of Mac malware: > > Mac.Hovdy.a (June '08), > > OSX.Exploit.Launchd (June '06), and > > Leap.A (February '06). > > > > More at > > http://blogs.securiteam.com/?p=1160 > > > > Juha-Matti _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
