A new malware targeting Mac computers have been found and is given the name Dockster. Dockster is a backdoor malware that allows the attacker to compromise the victim’s computer by logging keystrokes and downloading files. It infects computers in the same way as the Flashback malware, which was first discovered in September, 2011. This particular exploit was due to a vulnerability in Java, which Apple had issued a patch for in April, 2012. Systems that have not been patched, however, are still vulnerable to this malware.
Mac security vendor Intego has labelled this malware as low-risk, and blogged that it is not known to be widespread. Mac computers that have been patched properly would not be infected by this malware.
Please note that Dockster is technically not a virus, as a virus is defined as something replicates itself and attaches to an executable file in order to infect a computer, and that is not the case with Dockster. Rather, Dockster is a Trojan horse, which is defined as a malicious application that pretends to be a useful file but its real purpose is more sinister.
F-Secure reported that Dockster is found on gyalwarinpoche.com, a site related to Dalai Lama. Sites related to the exile Tibetan government are often targets of hackers. Norton Safe Web gives this site a Warning rating, while McAfee SiteAdvisor “found potential security risks” with this site. So, if you have protection from these two services, you’ll be warned before going there. In addition, even if you are not on Mac, you still should not visit this site, as there are other malware present at this site that would infect other operating systems.