Intego: Phishing trojan targets OS X

Security vendor Intego claims to have found a new trojan attack that targets Apple's OS X operating system but competing security firms (McAfee, Symantec, and Trend Micro) have yet to find samples of the trojan. Intego said that malware authors spammed Mac forums with links to pornographic websites hosting the malware. If confirmed, the trojan would be the first piece of truly malicious software to be targeted at OS X, as opposed to the various proof-of-concept attacks that researchers have previously developed.

The OSX.RSPlug.A trojan allegedly disguises itself as a video codec that would provide access to a pornographic video but in reality is a piece of malware classified as a 'DNS Changer'. The software changes the way OS X would handle the DNS requests that are used to link numerical IP addresses to web URLs. The tool allows the attackers to redirect web traffic, opening the door for phishing scams.

News source: vnunet

Report a problem with article
Previous Story

Western Digital Ships Industry's First 320GB Mobile HDD

Next Story

NeowinCAST News Edition for October 31st, 2007

27 Comments

Commenting is disabled on this article.

Finally... it was about time! Now, bring on the viruses/malware/malicious stuff that have been bothering us (ex ) windows users for years and years.

InsaneNutter said,
To be honest I can see a lot of people doing that too, some people just install anything.

So, it's essentially an exploit of human intelligence (or lack thereof), rather than an exploit of the OS.

NeoTrunks said,

So, it's essentially an exploit of human intelligence (or lack thereof), rather than an exploit of the OS.


It's called social engineering.

NeoTrunks said,

So, it's essentially an exploit of human intelligence (or lack thereof), rather than an exploit of the OS.

and thats how the majority of viruses infect machines. are you surprised??


ever heard of kevin mitnick, he did mist of his hacking through social engineering, things like pretending to be suport adn asking for passwords, there was even a test in the UK i thik where people were giving out chocolates to people that told them thier password, and a ridiculous amountof people told them their password.

i think this is funny, yes i laugh at other OS misfortune if it's real, which it still may not be it may just shut up the OSX is unbreakable comments which we all know are not true adn are sick of hearing.

as for the you have to be stupid to install this, thats why the majority of viruses get on machines because of IDIOTS.

hell if all users were smart and knew how to keep a machine clean then we wouldn't have half the viruses out in the wild.

this is the same old argument yet again, the MAC fan boys will say it doesn't matter the windows fanboys will say mac sux and in the end everythign will be the same. and mac users won't decide to run AV software and will keep saying there are no viruses for osx and that proof of concept viruses don't count. blah blah blah.

Nope, macs aren't immune to you deciding to install software.

This example of a "trojan horse" (as if!) off a porn site (can it be more obvious??) is pretty much the same as you actively deciding to take a hammer and start bashing the hell out of your mac.

I read on OSNEWS that they have a mac product out :-)

Shouldn't this type of thing be illegal, its similar to thugs going into a restaurant with a baseball bat and commenting on how fragile everthing is.

I was going to submit this one, I noticed on doing some digging for my submission that Intego has reported on Mac trojans before and been debunked. See here. Notable quotes include...

"On Friday, Mac programmers and security experts accused the company of exaggerating the threat to sell its security software.",

""They are spreading FUD to sell their software," said Ryan Kaldari, a programmer from Nashville, Tennessee, referring to the shorthand for fear, uncertainty and doubt."

It would seem that Intego has used dodgy tactics to sell it's mac security software before.

Anyway, hopefully this will get patched up soon enough.

I couldn't be arsed to read the article after so many "proof of concepts" especially in this case where other Security vendors are poo poo the claims, but really it asks for you administrator password? LOL

i find this funny, knew it was comming

but come on,,, it asks to be isntalled, user has to put in their administrator password, and gotten by lookign at britany spears "questionable" videos.....

if it was IRL, they would prolly get a Virus also,, jsut Non-Digital


also this virus,, doesnt self-propagate, its more like a program a user installs thinking its something else

That's how trojans work. You download and run something thinking it's something else. It totally depends on the user agreeing to run it.