OS X gets a trojan scare - Mac Inspector

Mac Inspector – blog from V3.co.uk


OS X gets a trojan scare

It finally happened. Malware authors have decided to take a shot at Mac users.

Today, security vendor Intego sent out a report on a new trojan for OS X. Apparently, the malware authors have set up fake porn sites to lure in Mac users. When one attempts to view a movie, a message appears to tell the user that a codec must be downloaded in order to view the movie.

That "codec" of course is not any sort of movie-viewing software, but a malicious DNS changer which redirects traffic to phishing or ad-serving sites.

Just how much of a threat this is remains debatable. Mac defenders will also note that it is a social engineering trojan and not a remote exploit, meaning that the user has to deliberately download and accept the trojan.

It also has not been lighting up the security honeypots. When the news first broke this morning, research teams from McAfee, Symantec, and Trend Micro had yet to find a copy of the trojan in the wild. Since then, both McAfee and Sunbelt Software have found sites serving the trojan, but there are still few actual infections being reported.

The real story, however, goes well beyond this particular trojan. It may signal a change in the attitudes malware authors have towards OS X. It has long been believed that malware authors simply do not see OS X as being worthwhile to attack. If this trojan succeeds, things may change.

So, let's make sure it doesn't. Educate your friends and family on safe practices. Don't download strange files from unknown sites, and if you do get infected, follow these steps.

© Incisive Media Investments Limited 2010, Published by Incisive Financial Publishing Limited, Haymarket House, 28-29 Haymarket, London SW1Y 4RX, are companies registered in England and Wales with company registration numbers 04252091 & 04252093