A new worm known as Renepo is turning off firewalls and other security measures built into Mac OS X.
"Renepo makes such a wide range of security-related changes that all security bets are off once you have been compromised," said Paul Ducklin, Asia Pacific head of technology at anti-virus, anti-spam vendor, Sophos.
The worm can render an infected machine vulnerable to subsequent attacks by disabling security software, downloading hacking tools and making key system directories world-writeable.
"Because Renepo attempts to harvest user, configuration and password data for a wide range of applications, including FTP servers, web servers, browsers, the VNC remote control program and the operating system itself, it represents a huge security headache rolled into a single shell script," Ducklin said.
Renepo's ability to spread is limited as it only replicates across network shares. However Ducklin warned, "You do not want this thing in your OS X network."
The worm has yet to be reported in the wild. Ducklin said there is no immediate danger but suggests that it be a warning for Mac users.
"Hopefully, its existence will be a timely warning to any Mac users who still assume they are safe because the bad guys aren't interested in the Mac platform."
-1.jpg&w=100&c=1&s=0)
.png&w=100&c=1&s=0)
