
Tuesday, 1 March 2011

New Trojan could mean attackers are waking up to Mac OS X.


Security firm Sophos has identified a new Trojan horse circulating that targets Apple’s Mac OS X platform, dubbing it OSX/MusMinim-A, after the malware’s apparent author. Although users still have to be tricked into downloading the Trojan—and the software currently claims it’s not finished and that more features are coming—the malware can run arbitrary Unix shell commands, shut down and restart the computer, put files on the desktop, and phish for users’ administration passwords. Sophos categorized the risk from the malware as low—and notes that its antivirus software can correctly detect and remove it—although the appearance of new malware targeting Mac OS X may re-ignite debates over the platform’s security.
Apple’s Macintosh platform hasn’t had a serious threat from viruses since the early 1990s, while Microsoft’s Windows platforms have been engaged in a constant state of war with malware, worms, viruses, and security exploits for decades. Many security experts point out this has more to do with the economics of the malware industry than anything inherently more secure about the Macintosh platform: it simply hasn’t been worth virus-writers’ time to target Mac OS X because Apple’s market share has been low enough that it wasn’t an appealing target. However, as Apple’s fortunes have climbed to stratospheric heights on the success of the iPhone and iPad, Macintosh sales have also increased—and many have expected malware authors to take notice of the platform.
The fact the Mac hasn’t had to deal with a significant malware threat in so long has also created a culture of complacency amongst Macintosh users, many of whom believe the Mac is somehow magically immune to malware—even experts don’t bother with antivirus software because, for the time being, there really isn’t anything for it to do. Nonetheless, most security researchers agree Mac OS X’s built-in security technologies are well behind other platforms, although Apple has just invited security researchers to look at its forthcoming Mac OS X 10.7 “Lion.”
According to Sophos, the trojan (which calls itself Blackhole RAT, no relation to Michaël Fortin’s Black Hole wipedown software) is a variation on the darkComet remote access trojan (RAT) for Windows. Like all Trojan horses, the OSX/MusMinim-A malware needs to be executed by the user to affect a user’s machine; the most common distribution methods for Trojans are sites offering pirated software and other items that users expect to have to install on their computers.

Read More :- New MacOS Trojan Horse.

Malware Ads Hit London Stock Exchange Web Site.

Visitors to the London Stock Exchange's Web site were hit with malicious ads over the weekend, designed to pop up fake security messages on their computers.
The culprit was an online advertisement that was somehow placed on the Unanimis ad network, which is used by the Web site, a London Stock Exchange spokeswoman said Monday. "We had an advert on the site that linked through to a third-party website that was hosting this malware," she said. She did not know how many people had been served the malicious ad.
The Stock Exchange's Web site itself was not compromised, and the ad was removed as soon as it was discovered on Sunday, she said.
Nevertheless, visitors to the site early Monday were greeted with browser warnings saying that londonstockexchange.com had been reported as an attack page. The warnings showed up in the Firefox, Chrome and Safari browsers, but were removed later in the day.
"The malware was a classic spoof antivirus program which used a software vulnerability to download and install native executable code," said Paul Mutton, a researcher with Web analytics firm Netcraft, who reported the issue on his personal blog.
The malware pops up a message on the victim's computer that reads "Warning! You're in danger! Your computer is infected with spyware." This is a common type of malicious program, called "rogue antivirus," which is designed to trick the user into paying for useless antivirus software. Typically the victim ends up handing money over to the scammers, but the malicious software doesn't really go away.
In an online chat, Mutton said he did not know what bug the hackers used to install their malware. He also said he couldn't discuss the incident further.
In a brief statement, Unanimis said it had found malware "which affected some advertisements on our network." Unanimis is owned by European telecommunications giant Orange France Telecom Group.
Security experts say that criminals have become adept at sneaking onto online ad networks in recent years. In December, Google's ad network was hit with a similar type of malware. That attack lasted for about five days, according to security vendor Armorize.

Read More :- Websites Hit By Malware Ads.