RSPlug.A Mac OS X trojan

Posted on November 1, 2007 by Ace
Is the Mac now also becoming a target for malware?
clipped from arstechnica.com
the discovery of an actual malicious
trojan for the Mac
the OSX.RSPlug.A trojan dresses up like said Quicktime
codec, requiring an administrator password to install.
the “codec”
installer sets up a couple of fake DNS servers and a cron job that runs
every minute to reinstall the DNS servers in case they have been removed.
the malicious DNS servers are asked to translate domain names into IP
addresses, allowing the person in charge of these servers to redirect
selected destinations.
used for
phishing purposes “for sites such as eBay, PayPal and some banks”
users who think they’re secure just because they’re using a Mac
“the bad guys are taking Mac now seriously.”
Mac OS X will soon become a significant target for malware writers for the first time.
The appearance of this trojan may mean that Apple has crossed some sort of threshold for malware writers.
this
trojan does not exploit any Mac OS X weakness
  blog it
  • Twitter
  • Slashdot
  • Instapaper
  • Digg
  • Facebook
  • Mixx
  • Delicious
  • Reddit
  • FriendFeed
  • Google Buzz
  • StumbleUpon
  • Evernote
  • Share/Bookmark
This entry was posted in Tech Articles. Bookmark the permalink.

Comments are closed.

blog comments powered by Disqus