A new variant of the Imuler Trojan cleverly masquerades as a harmless picture

Mar 21, 2012 09:04 GMT

Security researchers warn Mac users that a variant of the OSX/Imuler malware is making the rounds. It opens a backdoor that gives the crooks behind it remote access to the infected computer.

Sophos experts reveal that the OSX/Imuler-B Trojan lures potential victims by advertising pictures of an attractive girl.

Because the Mac OS X Finder hides file extensions by default, the malicious application can be given a name that ends in what looks like a picture extension, and users can easily be duped into believing that the file is a harmless JPEG.

When the user opens it, the Trojan installs its backdoor and then writes and displays a genuine picture file, so the victim sees the photo they were promised and has no reason to suspect anything. Once the backdoor is in place, the original executable deletes itself so that no trace of it is left on the affected system.

The backdoor lets the cybercriminals harvest information from the device and upload the loot to a remote web server.

To avoid falling into these clever traps, Mac users are advised to change the Finder settings so that file extensions are always shown (Finder > Preferences > Advanced > "Show all filename extensions"); a file that then reads "something.jpg.app" is an application, not a picture.

Even though pieces of malware that target OS X are not as common as the ones designed to affect Microsoft operating systems, it's recommended that users install antivirus software just to be on the safe side.

Sophos and other security solutions providers offer decent products that protect users against online threats. However, this particular malware can also be removed manually.

First, the process named .mdworker (note the leading dot; the genuine Spotlight indexer is called mdworker, without the dot, and must be left alone) must be terminated, and then two files named .mdworker and CurlUpload must be deleted from the /tmp/ folder.

The last step is to remove the checkvir and checkvir.plist files from the $HOME/Library/LaunchAgents/ directory.
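The three removal steps above, written as an added shell example (this is not Sophos's clean-up tool and not code from the article). It takes the filesystem root and the home directory as parameters, which are assumptions made so the functions can be exercised against a constructed directory tree rather than a live Mac; run with no arguments it works on the real / and $HOME. The process kill matches the name ".mdworker" exactly so that Spotlight's legitimate mdworker is not touched, and the launch agent is unloaded before its plist is deleted so launchd does not keep the agent alive.

```shell
#!/bin/sh
# Added example: manual removal of the OSX/Imuler-B artifacts the article names.
# Arguments (assumed for testability): $1 = filesystem root ("" for a live
# system), $2 = home directory (defaults to $HOME).

# Print one artifact path per line.
imuler_artifacts() {
    root="${1:-}"
    home_dir="${2:-$HOME}"
    printf '%s\n' \
        "$root/tmp/.mdworker" \
        "$root/tmp/CurlUpload" \
        "$home_dir/Library/LaunchAgents/checkvir" \
        "$home_dir/Library/LaunchAgents/checkvir.plist"
}

# Exit status 0 if any artifact exists, 1 if the tree is clean.
imuler_present() {
    while IFS= read -r f; do
        [ -e "$f" ] && return 0
    done <<EOF
$(imuler_artifacts "$1" "$2")
EOF
    return 1
}

# Kill the dropper, unload the persistence agent, delete the files.
# Prints the number of files removed.
imuler_remove() {
    root="${1:-}"
    home_dir="${2:-$HOME}"
    plist="$home_dir/Library/LaunchAgents/checkvir.plist"

    # Step 1: terminate ".mdworker". Exact match (-x) and an escaped dot, so
    # Spotlight's real "mdworker" never matches. pkill is absent on some
    # older systems, hence the guard.
    if command -v pkill >/dev/null 2>&1; then
        pkill -x '\.mdworker' 2>/dev/null || true
    fi

    # Step 3 (part a): stop launchd from respawning the agent before the
    # plist disappears. launchctl only exists on macOS.
    if command -v launchctl >/dev/null 2>&1 && [ -f "$plist" ]; then
        launchctl unload "$plist" 2>/dev/null || true
    fi

    # Steps 2 and 3 (part b): delete the dropped files.
    removed=0
    while IFS= read -r f; do
        if [ -e "$f" ]; then
            rm -f "$f"
            removed=$((removed + 1))
        fi
    done <<EOF
$(imuler_artifacts "$root" "$home_dir")
EOF
    echo "$removed"
}
```

Check first with `imuler_present "" "$HOME" && echo infected`, then run `imuler_remove`; the count it prints should be 4 on a machine carrying all of the artifacts and 0 on a clean one.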

“Mac users - learn from the mistakes of Windows users in the past. Think before you click, and don't ever underestimate the ability of cybercriminals to exploit the most primal urges of computer users,” Graham Cluley advises.
