You’ve probably updated your Mac by now to remove Flashback malware from your computer. If you haven’t done that yet, you should read our how-to guide to keep your personal information safe from prying internet criminals. But there’s a new trojan that should keep you on your toes called “Backdoor.” And you have Microsoft Office to blame for it.
The trojan is just a month old and exploits a Java vulnerability says Costin Raiu of Kaspersky. In doing so, “Backdoor.OSX.SabPub.a” is able to get past malware detection products without being detected. It then latches on to Microsoft Office documents and infects them. Raiu says the trojan is currently in its “active stage” and going through documents on infected machines. What is most worrying is the fact that it connects to a command and control server hosted somewhere in California. Any information Backdoor collects from your documents will eventually be sent over to the server.
So how does it infect Macs? For starters, transferring Microsoft Office documents directly to your Mac from a Windows PC is one way of getting infected. Downloading infected MS Office documents from email attachments and the internet are two more ways that could infect your Mac with Backdoor.
Basically, any infected MS Office document that makes their way to your Mac leaves your personal information vulnerable from getting stolen.
The safest way to protect yourself at this point would be to avoid transferring or downloading Microsoft Office documents to your Mac. We also suggest that you avoid delete any document containing sensitive information about you like complete name, address, contact numbers, credit card information, and so on. Anti-virus products are probably working on a major update that could detect and remove Backdoor from your computer. Hopefully, another Java update will be launched by Microsoft to cover up this vulnerability and prevent the trojan from spreading.
via Secure List