Subject definition appeared in a update a day or two ago and but I could not find any announcement of it on the ClamAV VirusDB list. Now it seems to have disappeared, despite this article in today's SANS Newsletter:
> Title: Mac spyware found at Oslo freedom forum > Description: During a demonstration of how to secure personal devices > against government monitoring, respected independent researcher Jacob > Appelbaum discovered a brand new piece of targeted Mac malware on an > African activist's system - one signed with an Apple developer ID, no > less. The discovery is a reminder that targeted attacks abound on Mac > systems, and that users of that platform should be as diligent in their > patching as their PC counterparts. Further research by Norwegian company > Norman indicates that this particular piece of malware can be traced to > a professional organization inside of India, for example (details > above). > Reference: > http://www.f-secure.com/weblog/archives/00002554.html > http://www.virustotal.com/en/file/6acd92d0dfe3e298d73b78a3dcc6d52ff4f85a70a9f2d0dcfe7ae4af2dd685cc/analysis/ > Snort SID: 26670, 26671 > ClamAV: OSX.Trojan.KitM Any idea what's going on with that? -Al- -- Al Varnell Mountain View, CA _______________________________________________ Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net http://www.clamav.net/support/ml
