The AVOXI Blog:
The Most Educational VOIP Call Center Software and Business Phone System Blog in the World!

New Malware on Mac Allows Remote Access to Hackers

“Pintsized” is the name for the new malware threat for Mac discovered in the last week of February 2013.  Fortunately, the malware hasn’t turned wild yet, however, it is really dangerous and can compromise your sensitive data and files.

How this malware works:

Pintsized uses a modified version of OpenSSH, and utilizes an exploit in OS X Lion and Mountain Lion, bypassing the Gatekeeper (a system-level feature that helps protect users from Trokan apps attempting to install malware) and establishing a reverse shell that creates a secure connection on a victim’s computer.  Since the connection between the hacker and the compromised Mac is encrypted, the malware is very hard to be detected or traced.

How to detect the thread:

The malware stays hidden by disguising itself as a file that is used for networked printers in Mac OS X.  The tactic conceals the malware and makes the monitor think that it is a printer seeking access to the network.

How to prevent infection:

No matter which operating system you use, the answer is always the same.  Put safe computer rules into practice, such as:

  • Avoid websites you don’t know or are unsure if you can trust
  • Do not accept files from unknown sources
  • Do not manipulate files and installers from unknown sources

Apple is now working to patch security flaws before they become major headaches, but we need to do our part too, by paying attentions to what we are doing, making sure that we know the source of the software that we are installing, and checking to make sure the files we are about to open are legitimate and really do come from trusted sources or contact.

You can find the list of security updates for Apple products here:

Apple security updates

The released list with the infected file names, as they were reported, includes:
Cupsd (Mach-O binary)


As the Lead Security Engineer and Linux Administration for AVOXI, Pablo's expertise and past work experience has given him insight to an array of systems and applications, well as knowledge among varied telephony equipment and developments.

Latest posts by Pablo Valenciano (see all)

Submit a Comment

Your email address will not be published. Required fields are marked *

Share This