Pages: [1]   Go Down
  Print  
Author Topic: New digitally signed Mac malware confuses users with right-to-left file name tricks  (Read 429 times)
HCK
Global Moderator
Hero Member
*****
Posts: 79425



« on: July 16, 2013, 11:01:14 pm »

New digitally signed Mac malware confuses users with right-to-left file name tricks
   




   

A new piece of digitally signed spyware for Mac OS X uses a special Unicode character in its file name to hide its real file extension from users and trick them into installing it.



The malware, which has been dubbed Janicab.A, is written in Python and is packaged as a stand-alone Mac application using the py2app utility, researchers from security firm F-Secure said Monday in a blog post.


It is distributed as a file called “RecentNews.?fdp.app” where the “?” is actually the right-to-left override (RLO) character known as U+202E in the Unicode encoding standard.


Unicode supports characters from most languages, including those written from right to left like Arabic and Hebrew. The special RLO character tells software that the text following it should be displayed from right to left.
To read this article in full or to leave a comment, please click here
      

http://www.macworld.com/article/2044473/new-digitally-signed-mac-malware-confuses-users-with-right-to-left-file-name-tricks.html#tk.rss_all
   
Logged
Pages: [1]   Go Up
  Print  
 
Jump to: