Homepage tabWindows tabGames tabDrivers tabMac tabLinux tabScripts buttonMobile tabHandheld tabGadgets tabNews tab


NEWS CATEGORIES:



NEWS ARCHIVE >>
SOFTPEDIA REVIEWS >>
MEET THE EDITORS >>
Home / News / Apple / Software

Software

New Mac Trojan Contains Reference to Intego

Security firm targeted in the latest circulating Mac malware

By Filip Truta, Apple News Editor

4th of December 2008, 10:53 GMT

Adjust text size:


Intego logo
Enlarge picture
A new Mac Trojan Horse has been discovered, attempting to disguise itself by naming a file “intego” - a reference to the well-known security company responsible for VirusBarrier X5 for Mac.

Although carrying a medium-level risk for Mac users, OSX.RSPlug.E trojan horse is the fifth version of the malware first discovered in 2007, Intego asserts. Upon spotting a similar threat last month, Intego noted that OSX.TrojanKit.Malez required hackers to actually have access to a Mac in order to install the code. The company stated that, “as of the present, no Trojan horses or other means of replication have been found in the wild using this tool.”

However, Intego's most recent findings, surrounding the new OSX.RSPlug.E trojan horse, include some “interesting differences with the previous versions,” the firm says in its latest security memo.

“The samples Intego has seen, named FlashPlayer.v3.348.dmg and FlashPlayer.v.dmg, contain code that refers to Intego. The actual malware code is encoded (using a standard routine called uuencode), and when it is decoded, a line of code is present saying: 'begin 666 intego.' This tells the system to create a file with read and write permissions (the 666 is a shortcut for Unix permissions, not anything to do with the 'number of the beast'), and to create a file containing the malicious code, named 'intego.' Intego wants to point out that the company obviously has nothing to do with the creation of this malware, and that the choice of this file name is a provocation from the creator of this malware.”

As usual, Intego recommends its antivirus software application for Mac, VirusBarrier X5, as a means of protection. Users are thus advised to download virus definitions of VirusBarrier X5 dated December 2, 2008, which detect this downloader more specifically.  Virus definition updates are available through NetUpdate from the Intego menu in the menubar.

Whether or not you will choose to get antivirus utilities for your Mac, Softpedia recommends that you never download and install software from questionable sources.

TAGS:

 Intego | Trojan | trojan horse | virus | VirusBarrier X5
Read by 1,296 user(s) | Add comment | Link to this article TWEET THIS


Article rating:
NOT RATED 0 vote(s)    

Subscribe to news | Print article | Send to friend

© Copyright 2001-2009 Softpedia
Contact:

 

 

SEARCH THE NEWS ARCHIVE :




Today's News | Yesterday's News | News Archive


MORE RELATED ARTICLES:


Apple Admits Virus Threat, Recommends Antivirus Utilities

VirusBarrier X5 10.5.5 Improves Support for Time Machine Backups

New Mac Malware / Trojan in the Wild (OSX.Lamzev.A)

Intego Warns Mac Users Against Buying 'MacGuard'

Intego Updates VirusBarrier X5 for Mac OS X

User opinions:

No user comments yet.
Be the first to express your opinion using the form below!

Share your opinion:

Your Name:
Your Email Address:
(will not be used for commercial purposes)
Solve this to prove you're not a bot: =
Your review/opinion:

 




Windows tabGames tabDrivers tabMac tabLinux tabScripts tabMobile tabHandheld tabGadgets tabNews tab

SUBMIT PROGRAM   |   ADVERTISE   |   GET HELP   |   SEND US FEEDBACK   |   RSS FEEDS   |   ENTER NEWS SITE   |   ENGLISH BOARD   |   ROMANIAN FORUM
© 2001 - 2009 Softpedia. All rights reserved.
Softpedia® and the Softpedia® logo are registered trademarks of SoftNews NET SRL.		 Copyright Information | Privacy Policy | Terms of Use | Update your software | Archive