Homepage tabWindows tabGames tabDrivers tabMac tabLinux tabScripts buttonMobile tabHandheld tabGadgets tabNews tab


NEWS CATEGORIES:



NEWS ARCHIVE >>
SOFTPEDIA REVIEWS >>
MEET THE EDITORS >>
Home / News / Apple

Apple

Another OS X Trojan in The Wild

Posing as a codec needed for viewing adult content...

By Victor Mihailescu, Apple News Editor

31st of October 2007, 19:06 GMT

Adjust text size:



Enlarge picture
Mac uses need to start sleeping with the light on because there is a new security threat on the horizon. The culprit is a new OS X-specific Trojan horse that has started popping up on a few sites and has already affected one user.

OS X AV vendor Intego warns about what they labeled OSX.RSPlug.A, which is also known as DNSchanger or Ultracodec/Zlob
in its Windows incarnation. The Trojan horse is delivered to the user on seedy sites under the pretense of being a QuickTime video codec needed in order to view adult content. Once the disk image containing the Trojan has been downloaded, and the installer application is run, it will ask for the user's administrator password in order to be able to install itself. The end result has nothing to do with video codecs, and everything to do with rogue DNS settings and a cron job that will constantly reapply these settings. To complicate things a little further, under Tiger, the malicious DNS entries are not visible in the Network system preference pane.

Since Domain Name Servers (DNS) are used to direct your browser to the appropriate network address when you type in a domain name such as 'www.softpedia.com' the rogue server that the Trojan points the computer to could redirect the user towards any site whatsoever. Common uses for this include spyware/malware sites, which would have no effect on Macs; pay-per-click search engines, which could be very frustrating but no more; other pornography sites, which could be very unpleasant depending on the circumstances; and last but not least fake versions of popular sites such as PayPal, eBay or banks, which would look identical to the real ones but send any and all information you enter into them to a third party.

Like all Trojans, this one relies on user cooperation in order to be able to do anything, so there is no hard way to prevent being infected. Of course, one could avoid downloading dubious software from unknown people on seedy sites off the back end of the Internet. If that can't be avoided, one should at least be wary of programs that ask for you administrator password, especially when they come from unknown sources.

TAGS:

 Apple | OS X | Security
Read by 3,284 user(s) | Add comment | Link to this article TWEET THIS


Article rating:
Fair (2.6/5) 3 vote(s)    

Subscribe to news | Print article | Send to friend

© Copyright 2001-2009 Softpedia
Contact:

 

 

SEARCH THE NEWS ARCHIVE :




Today's News | Yesterday's News | News Archive


MORE RELATED ARTICLES:


Security Experts Preach Leopard Insecurity

Apple: Virus = Windows

Microsoft: Linux - 1,000+ Security Vulnerabilities - No Match for Vista

The Worst, Piss Poor Security Solutions for Windows

Smartphone Security Used Against Us!

Mac OS X and Linux Fail to Compare to Vista

User opinions:

No user comments yet.
Be the first to express your opinion using the form below!

Share your opinion:

Your Name:
Your Email Address:
(will not be used for commercial purposes)
Solve this to prove you're not a bot: =
Your review/opinion:

 




Windows tabGames tabDrivers tabMac tabLinux tabScripts tabMobile tabHandheld tabGadgets tabNews tab

SUBMIT PROGRAM   |   ADVERTISE   |   GET HELP   |   SEND US FEEDBACK   |   RSS FEEDS   |   ENTER NEWS SITE   |   ENGLISH BOARD   |   ROMANIAN FORUM
© 2001 - 2009 Softpedia. All rights reserved.
Softpedia® and the Softpedia® logo are registered trademarks of SoftNews NET SRL.		 Copyright Information | Privacy Policy | Terms of Use | Update your software | Archive