Thursday, July 7, 2016

New Mac backdoor program steals keychain contents [feedly]

New Mac backdoor program steals keychain contents
http://machash.com/macworld/197855/new-mac-backdoor-program-steals-keychain-contents/

-- via my feedly newsfeed

Researchers have identified a new Mac backdoor program that's designed to steal credentials stored in the OS-encrypted keychain and give attackers control over the system. Dubbed OSX/Keydnap by researchers from antivirus vendor ESET, this is the second backdoor program targeting Macs found by antivirus firms in the past few days. It's not clear how Keydnap is distributed, but it arrives on computers in the form of a zip archive. Inside there's an executable file with an apparently benign extension such as .txt or .jpg that actually has a space character at the end. The file also has an . . .