The malware subscribes victims to paid mobile services

Dec 12, 2012 08:47 GMT  ·  By

Fake installers have been around for quite some time now, but so far, they’ve only targeted Windows users. Now, researchers from security firm Doctor Web have identified a variant that’s designed for Mac OS X.

Dubbed Trojan.SMSSend.3666, the malicious element disguises itself as an installer for a popular application called VKMusic 4 – an app that allows users to listen to music on a Russian social media site.

During the “installation” process, victims are asked to provide their mobile phone numbers. Then, they’re requested to enter a code received via SMS.

By doing this, users are actually subscribing to a paid mobile service that charges their phone account on a regular basis.

This scheme, similar to older ones, uses the ZipMonster affiliate program.

Experts advise users to beware of pieces of software that request them to provide their mobile phone numbers or ones that ask them to send SMS messages. To avoid shady installers, internauts are recommended to download apps only from trusted locations.