AT&T Tech Support 360
Mac OS malware targets porn surfers
There's a new piece of malware out there targeting Mac users that takes advantage of the inclination to watch porn.
Intego, a Mac security software company, issued an alert Wednesday warning Mac users of the OSX.RSPlug.A malware, which it describes as a Trojan horse. Those of you familiar with mythology recognize the reference, and OSX.RSPlug.A disguises itself as a video codec that would ensure whatever porn video you just stumbled upon will play on your Mac.
(Credit: Intego)But to get infected with the malware, you have to accept the invitation to download "new version of codec," open up the .dmg (disk image) file, click the installer.pkg file, and enter your administrator's password, according to Intego. Once infected, the malware changes your DNS settings to hijack Web traffic and redirect it to phishing sites or ads for porn. And you still won't get to watch the video.
If you're running Tiger, you might never realize how you were infected, but Leopard's Advanced Network preferences will at least let you recognize that the DNS servers have been changed. You'll be unable to change them back without going through a lengthy process detailed by Macworld's Rob Griffiths.
Intego coincidentally sells software that would also protect your Mac from the malware, and uses the opportunity to point that out on its security bulletin. But there's one surefire way to avoid these problems.
People, we're talking about Internet porn. There are literally millions of Web pages that cater to every imaginable interest (and a few I'm sure I can't imagine) that don't ask you to install software to view them. Most people know you should never install something on your computer unless you know exactly what it is, and who is sending it your way. But that red flag has to immediately shoot up if you're asked to install any unsolicited application or file that comes from a porn Web site. I don't care what they promised you at the other end of the process.
A little common sense goes a long way. Think about what you're doing before you do it, because no porn video is worth the risk of installing something evil on your Mac.
I'm glad that Leopard will alert end users that something has taken control of their system. Perhaps that can be rolled back to previous versions of OS X as well.
In the end, it's not about the OS security, but end user susceptiblity. Social engineering can get around even the best security if it wraps it up in a pretty wrapper that people will click on.
looked at it, less people would produce it...just think of the young
girls who donīt know any better...they pay for their mistake for the
rest of their life.
"You have just received a virus. Since we are not so technologically
advanced, this is a MANUAL virus. Please delete all the files on your
hard disk yourself and send this mail to everyone you know.
Thank you very much for helping me."
is actually going to be gullible enough to follow all those steps
without realizing something isn't right, but still it's the first
Trojan for the mac. I'm a mac user and do believe, right or
wrong, that OSX is more secure, however I don't think it's
perfect and accept that part of the reason security hasn't been
an issue is the small user base. But now we have the first
one...and someone will build a better one.
I don't think mac will ever suffer the fate of windows users, but
it's time for them to start paying a little more attention. I've
personally caught myself feeling a little too "immune"
sometimes, but I am pretty careful being an IT guy. Time to step
that up a notch....
doesn't even know about, let alone trust.
Interesting that someone decided to to it for OSX, but stupid
users are stupid users.
And oh, boy would you have to be stupid to install this one...
versiontracker.com (just one example of many) has all the legit
video codecs you could ever want or need, including the MSFT-
only ones.
Dear C|Net, come back when you have something that can be
installed through an IFRAME (web browser vector) or via an
application fault, 'kay? Becuase Windows has those by the
bucketload. Then we'll talk.
/P
Why do I even look at this site anymore...it is just tech sensationalism.
Mac from the malware, and uses the opportunity to point that
out on its security bulletin."
So there is this company called Intego, that only sells "security
software for Mac OS X". Too bad their products are totally
useless, since OS X is already secure - this I know from
experience. I never had malware on any of my machines,
whether under OS 7, 9 or X. That's about 10 years of constant
use - without a single infection.
Coming back to Intego, it is indeed a remarkable coincidence
that they happen to sell software that protects against a trojan
they discovered in the first place. What a lucky coincidence - for
Intego. How did this come about: Did they surf porn sites, and
discover accidentally that their software protects against
malware they picked up along the way? How convenient.
In order to become a victim of this trojan, you'd have to have all
your eyes, ears and remaining brain cells covered with an
impenetrable layer, made of testosterone and sheer stupidity.
Such people exist, of course.
because the user is... er? ... not smart enough?
And since there is not one single virus for OS X, I take that as a
compliment.
Now, there are hundreds of thousands viruses for windows
right?
Look at the mirror and ask yourself: Which platform has lots of
not so smart users?
You are right! It is not MS`s fault! It have being the dumb user
base all along.
While Mac OSX is based on Unix with Unix security, it also is based on the Classic Mac OS 9 and earlier, and has such things as AppleScript, Quicktime, Safari, iTunes, etc that are subject to exploits due to sloppy Apple code in them that Unix systems like Linux do not have.
- So---
-
by Norseman
November 2, 2007 2:42 PM PDT
- If I'm not a brain-dead porn aficionado, how will this have a negative effect on my life?
-
Reply to this comment
-
-
See all 67 Comments >>