Threats Move Windows to Mac OS X via Porn

As far as the Windows operating system is concerned, the threat environment is tailored on it. The ubiquity of the platform, as well as a small level of bulletproofing of older versions, have virtually made Windows a sitting duck. Of course that the 90% market share enjoyed by the operating system acts as the main factor to attract the threat environment. The equation in this case is rather simple and it involves attackers targeting the most used operating system worldwide, as a guarantee of greater success for their malicious code, exploits, etc.

2007 brought with it an explosion in terms of Mac OS X market share. At the end of the past year, Apple was pushing in excess of 2 million Mac computers per quarter, and the increasing install base of Mac OS X inherently brought with it a stronger focus on the threat environment, and the first risks for the cats. Security Company Sophos warned that malware using pornographic content to spread, masquerading as video codecs, was but the beginning of a trend for Mac OS X users.

"November 2007, Mac OS X malware made the headlines. The functionality of the malicious program, known as OSX/RSPlug, was fairly simple. It modified settings to redirect DNS requests to a server under the hacker control, allowing hackers to serve up fake websites requiring usernames and passwords, display adverts and so on. OSX/RSPlug is connected to a widespread family of Windows malware called Zlob, which promises to display pornographic material when the user loads a new codec (a program that allows internet users to watch video content)," Sophos stated.

The attack was associated with malicious email or web links that downloaded the malware. The attacks set in place have the ability to detect the underlying platform and either serve OSX/RSPlug-Gen file, for Mac OS X, or the Zlobar-Fam Trojan for Windows.

"It is concerning that the Mac has become the focus of at least one malware gang. Ultimately, future Mac malware attacks will be driven by how effective the attackers are at infecting Apple Mac users. The criminal hacking gangs are in business to make money, so if they do not see a return on their investment, they will not invest more effort," Sophos added.