This is malware that lies in wait, and is harming.  These are often referred to as Trojans.  Often times it is triggered by a date.  It can also be triggered by the simple launch of a program, or application – where it is embedded.  In this case, from any systems’ point-of-view, a trusted user ends up launching the malware and granting its yield:  That is, a user that has sanction within a system by virtue of login credentials, a corresponding set of system authorities and access, and consequently permission(s) to do various things with that system.

Recognize that that user can do things to the system, with the system, and through that system – thus the malware has the same enablements.  The malware can do things to the system:  changing it, disabling parts (or all) of it, modifying the system’s payloads and deliveries (stats, reports, etc.), render certain users’ or entities’ access useless, and on and on.

The malware can do things with the system:  Using resources such as processor power, storage and bandwidth to blast information; to rip-off contacts for access to those, in assembling broadcast lists, to further distribute various content, even to further distribute and install malware.

In doing things through a system, malware can hide its true origins, making it appear that it is spawning its nefarious purposes and deliveries from your domain – and actually, it is.

Worse, Remote Access Trojans (RATs) open back doors to your resources, for purpose of remote control.  Now, changes and updates are possible for “best” possible use and abuse of hacked resources.

Tomorrow, we’ll discuss another general area, Destructive Malware, and then we’ll delve into symptoms and a few more specifics.

Word comes that more than 500,000 Macintosh machines are potentially infected with a virus – one that is specifically targeting Macs:  It’s called Flashback Trojan.  The virus is a variation on one that is normally aimed at PCs – typically powered by a Microsoft (MS) Windows operating system.  The PC virus has been re-engineered to slip past typical Mac defenses.

A Finnish-based computer security firm, F-Secure, first spotted and noted the virus, followed quickly with qualification by a Russian anti-virus program vendor, Dr. Web.

“All the stuff the bad guys have learned for doing attacks in the PC world is now starting to transition to the Mac world,” according to McAfee Labs Director of Threat Intelligence Dave Marcus.

Flashback lets hackers steal passwords and financial account numbers.  Mac users are tricked into opening this specific vulnerability:  The virus’ designers have made its installation look like a routine update to Adobe Flash video viewing software.

Once upon a time, people who labored in the Mac realm had a rather smug view of security:  Macs escaped specific targeting, it seems, and nefarious malware creators seemed to concentrate their deeds to the world of the PC.  No more.  While Mac’s position in the past seemed to be that they weren’t vulnerable to PC malware (true, in a specific sense), they are now vulnerable to Mac malware – as adapted to, and specifically created for, that environment.

Malware developers concentrated on Windows PCs because they dominated the market.  This allowed Apple to claim that PCs were more prone to hacking:  True, technically, but perhaps not so much due to any particular superiority of security of operating systems; rather, merely the luck of being a smaller target.  Now that Macs are increasing in popularity, the Apple operating system is becoming a much more attractive target.