Go to the Softpedia homepage


NEWS CATEGORIES:



NEWS ARCHIVE >>
SOFTPEDIA REVIEWS >>
Home / News / Apple

Apple

 0 new articles added today in this category until now

Another OS X Trojan in The Wild

Posing as a codec needed for viewing adult content...

By Victor Mihailescu, Apple News Editor

31st of October 2007, 19:06 GMT

Adjust text size:



Enlarge picture
Mac uses need to start sleeping with the light on because there is a new security threat on the horizon. The culprit is a new OS X-specific Trojan horse that has started popping up on a few sites and has already affected one user.

OS X AV vendor Intego warns about what they labeled OSX.RSPlug.A, which is also known as DNSchanger or Ultracodec/Zlob
in its Windows incarnation. The Trojan horse is delivered to the user on seedy sites under the pretense of being a QuickTime video codec needed in order to view adult content. Once the disk image containing the Trojan has been downloaded, and the installer application is run, it will ask for the user's administrator password in order to be able to install itself. The end result has nothing to do with video codecs, and everything to do with rogue DNS settings and a cron job that will constantly reapply these settings. To complicate things a little further, under Tiger, the malicious DNS entries are not visible in the Network system preference pane.

Since Domain Name Servers (DNS) are used to direct your browser to the appropriate network address when you type in a domain name such as 'www.softpedia.com' the rogue server that the Trojan points the computer to could redirect the user towards any site whatsoever. Common uses for this include spyware/malware sites, which would have no effect on Macs; pay-per-click search engines, which could be very frustrating but no more; other pornography sites, which could be very unpleasant depending on the circumstances; and last but not least fake versions of popular sites such as PayPal, eBay or banks, which would look identical to the real ones but send any and all information you enter into them to a third party.

Like all Trojans, this one relies on user cooperation in order to be able to do anything, so there is no hard way to prevent being infected. Of course, one could avoid downloading dubious software from unknown people on seedy sites off the back end of the Internet. If that can't be avoided, one should at least be wary of programs that ask for you administrator password, especially when they come from unknown sources.

TAGS:

 Apple | OS X | Security


Rating:
Fair (2.6/5) 3 vote(s) so far    

Read by 2,564 user(s) | Add comment | Link to this article
Subscribe to news | Print article | Send to friend

© Copyright 2001-2008 Softpedia
Contact:

 

 

SEARCH THE NEWS ARCHIVE :




Today's News | Yesterday's News | News Archive


MORE RELATED ARTICLES:


Smartphone Security Used Against Us!

Mac OS X and Linux Fail to Compare to Vista

The Worst, Piss Poor Security Solutions for Windows

Microsoft: Linux - 1,000+ Security Vulnerabilities - No Match for Vista

Apple: Virus = Windows

Security Experts Preach Leopard Insecurity

User opinions:

No user comments yet.
Be the first to express your opinion using the form below!

Share your opinion:

You are not logged on. Comments can still be added, but they will have to be approved before going live.
Log on to get your comments posted and visible instantly.
Your Name:
Your Email Address:
(will not be used for commercial purposes)
Your review/opinion:

 






SUBMIT PROGRAM   |   ADVERTISE   |   GET HELP   |   SEND US FEEDBACK   |   RSS FEEDS   |   ENTER NEWS SITE   |   ENGLISH BOARD   |   ROMANIAN FORUM
© 2001 - 2008 Softpedia. All rights reserved.
Softpedia™ and the Softpedia™ logo are registered trademarks of SoftNews NET SRL.		 Copyright Information | Privacy Policy | Terms of Use | Update your software | Archive