Full Disclosure mailing list archives
Re: OS X malware family has a new member: OSX.Lamzev.A
From: adrian.lamo () hushmail com
Date: Sat, 15 Nov 2008 15:38:58 -0500
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 What the fuck are you talking about now, n3td3v? There is no mention of a vulnerability. There is no evolving situation. Please keep your technically misunderstood blogging to your own internet site and off of our lists. You probably don't even know what the differences are between zeroday exploits, 0day exploits, unknown vulnerabilities, known vulnerabilities, and exploits being found in the wild, do you? - -adrian (not the homeless dude, the other one) On Sat, 15 Nov 2008 05:38:34 -0500 Juha-Matti Laurio <juha- matti.laurio () netti fi> wrote:
This is and was the situation when writing the entry. More information and information about the possibly previously unknown vulnerability related to the Trojan is not available. Now Symantec analysis says that -Trojan creates the file /tmp/com.apple.DockSettings -inserts its contents into ~/Library/LaunchAgents, and -deletes /tmp/com.apple.DockSettings. Source: http://www.symantec.com/business/security_response/writeup.jsp?doci d=2008-111315-1230-99&tabid=2 Juha-Matti Mario D [phisher_hunter () yahoo com] kirjoitti:They may be under pressure from Apple to not release details.Remember the MacBook wireless drama?--- On Fri, 11/14/08, rholgstad <rholgstad () gmail com> wrote: From: rholgstad <rholgstad () gmail com> Subject: Re: [Full-disclosure] OS X malware family has a newmember: OSX.Lamzev.ATo: "Juha-Matti Laurio" <juha-matti.laurio () netti fi> Cc: full-disclosure () lists grok org uk Date: Friday, November 14, 2008, 12:27 PM Sweet more non-tech writeup from securiteam. I am beginning towonder ifsecuriteam is really a technical company or just a bunch ofcluelessjournalists like Nate McFeters. Juha-Matti Laurio wrote:New Trojan horse for Mac OS X found, the Trojan is known asOSX.Lamzev.Aby Symantec.A short history of Mac malware: Mac.Hovdy.a (June '08), OSX.Exploit.Launchd (June '06), and Leap.A (February '06). More at http://blogs.securiteam.com/?p=1160 Juha-Matti_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
-----BEGIN PGP SIGNATURE----- Charset: UTF8 Note: This signature can be verified at https://www.hushtools.com/verify Version: Hush 3.0 wpwEAQMCAAYFAkkfM2IACgkQ8J2EGU1ixm7HygP/bsjkw5HQFHmwSUdhS7xpamtdlEdu J47Iw4WLYkIGVqPsdZnMwZQ2SaptCAAw7Kuu2QoWX4A7/wFHcVJk3ztQgrrzov1KV4qz AlDHt3s42zStFk1ppdtEESGokIsT02WufxhA/EdofN6lsgiZ3Wx/1FcEAqtW7QW9eayM 1YOkVRk= =yA13 -----END PGP SIGNATURE----- -- Go to massage therapy school and make up to $150/hour, click now! http://tagline.hushmail.com/fc/PnY6qxsbdahOU8beZPfXxw6fIQ1P7sUQVKoI5wzcqomKxIPI9eyrG/ _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Re: OS X malware family has a new member: OSX.Lamzev.A adrian . lamo (Nov 15)
- <Possible follow-ups>
- Re: OS X malware family has a new member: OSX.Lamzev.A adrian . lamo (Nov 15)