New Malware Targets Mac OS and iTunes

An Argentinian researcher has released the details of an exploit that enables malware plants on end user computers running iTunes, Mac OS X, Winzip and many popular programs according to a report from UK news site the Register.

Internet security firm Infobyte (infobyte.com) researcher Francisco Amato prepared a report that described Evilgrade, an exploit of the weaknesses in the automatic upgrade feature of an infected program or operating system.

Such an attack would be completely ineffective unless "a man-in-the-middle" attack has first been carried out, in which hackers sit between the victim and a trusted site to wage their attack. But it is now gaining strength due to the domain name system vulnerability researcher Dan Kaminsky discovered earlier in the month.