About us
Contact us
RSS
Newsletters
Blogs
Video
Follow us on Twitter
EVENTS
TOPIC AREAS
RESOURCE CENTRE
News
03 December 2008
Apple Trojan returns to haunt Mac users
A nasty Trojan that first hit Mac users just over a year ago has returned with sharpened teeth, a security company has revealed.
According to Mac-only security company Intego, the latest variant of RSPlug, known as RSPlug.E, has been discovered by the company on porn websites masquerading as a missing ActiveX plug-in needed to play a video.
As with its many equivalents in the Windows world, the software tries to trick users into installing it after complaining of a "missing Video ActiveX Object", which turns out to be where the program starts its install routine.
Trying to cancel the install at this point by clicking cancel prompts the malware to deliver the message, "Please install new version of Video ActiveX Object". The only way out at this point is to exit the browser.
What users get for their naivety is a DNS hijacker, capable of redirecting web address requests to any website the criminal desires, including phishing websites.
"Mac users are pretty unsavvy as far as security is concerned," said Peter James of Intego, who reckoned that many still Mac users run their computers unprotected, despite numerous warnings.
"As Mac market share is increasing, malware is increasing proportionately," he said.
Intego, of course, admits that it has a vested interest in publicising Mac malware, including drive-by Trojans such as RSPlud.E. Nevertheless, the fact that Mac users are now facing the sort of Trojan programming threats regularly experienced by PC users should alert them to the importance of the issue.
As PC Trojans go, the programming features of RSPlug.E look fairly basic. PC malware is more highly evolved and usually cleverer. But a programmer - probably a Russian - with knowledge of OSX had taken time to create a Trojan that hits Macs instead of PCs, James pointed out.
One curiosity is that one of the key files installed by the program actually bears the name of Intego itself, a provocative reference to the company's publicising of previous versions of the Trojan, and possibly a warning too.
Intego warns Mac users not to download software form unknown sources - advice PC security vendors were handing out to Windows users five years ago.
Follow highlights from Techworld on Twitter
Stay Informed > Subscribe to our Newsletters
The UK IT News widget Get it for your site!
<<newer article | back to index | older article>>
close
close
Email this article to a friend or colleague:
PLEASE NOTE: Your name is used only to let the recipient know who sent the story, and in case of transmission error. Both your name and the recipient's name and address will not be used for any other purpose.
close
- This article is now being printed.
close
What are your views on this subject? Use the form below to post a comment on this article up to 1000 characters.
close
What is this?
Click below to add 'Apple Trojan returns to haunt Mac users' to your blog.
If you do not have a ComputerworldUK Account and would like to use this feature, please Register.
If you are a registered, logged-in user, this will post the title and first paragraph of this story to your blog to share with your readers.
WHITE PAPERS
Seven Ways ITIL Can Help You in an Economic Downturn
- Learn more about how ITIL can help your business weather the economic storm, and how it can leave you better positioned for growth when the economy begins to rebound.
Make Compliance Work For You
-
Learn how to make compliance work for you, rather than the other way around, with this whitepaper form Oracle.
Recent Techworld features
- Can Linux distros survive Chrome OS?
- Will Chrome force a rethink on Windows?
- Vendors start making progress towards cloud communication
- Unified communications arena gets more crowded
- Say 'No' to SQL
Recent Techworld reviews
- AutoSave Encrypt
- VSS Monitoring 4x24 Distributed Filter Tap
- LG XD1 eSATA drive
- Asterisk 1.4
- Xandros Presto Linux
Latest PC Advisor news
- By Royal appointment: the Queen joins Twitter
- Twitter blocks users infected by Koobface
- Mobile phone directory site breaks down
- Datawind launches £159 UbiSurfer netbook
- NHS affected by more than 8,000 viruses
WHITE PAPERS
- Seven Ways ITIL Can Help You in an Economic Downturn
Learn more about how ITIL can help your business weather the economic storm, and how it can leave you better positioned for growth when the economy begins to rebound. - Make Compliance Work For You
Learn how to make compliance work for you, rather than the other way around, with this whitepaper form Oracle. - Modernizing IT: Strategies for Improving Service Quality and Reducing IT Costs
Working harder simply won’t get you there. No matter how many people you allocate, sinking more labour into old IT practices cannot concurrently meet rising demands on IT and cut costs. Read about cost-effective, automated ways to meet this challenge head-on in this whitepaper. - Security and Trust: The Backbone of Doing Business over the Internet
When shopping online, consumers are concerned about identity theft and are therefore wary of providing untrusted sources with their personal information, especially their credit card details. Find out how to gain the trust of online customers. - Business Continuity - Are you always open for business?
Business continuity is not an end in itself, but the key to improving performance. Oracle solutions for midsize organisations contribute by providing a secure, easily accessible, and always available information infrastructure thats's also simple and cost-effective to manage. This Oracle Business Brief explains how.
Techworld topic pages
|
|
- About Techworld | Contact | Privacy Policy | About IDG | All contents © IDG 2009 | webmaster@techworld.com
- Infoworld | Networkworld | Tecchannel | Techworld Netherlands | IT World Canada
Comments received
Dante said on Wednesday, 03 December 2008
This is just Windoze hype by the Enemy. Keep the faith. There are NO virus out there for Macs. Keep your Macs clean. The Russian retirement fund thanks you for keeping the faith.
Pete said on Wednesday, 03 December 2008
I wonder what Intego's business plan looks like as a Mac-only security company. How do they make a living?
Ken Collins said on Wednesday, 03 December 2008
Two trojans in two years. No viruses at all. Oh my! If only my Windows computer had problems like that.
Dante said on Thursday, 04 December 2008
I totally agree with you, Mr. Collins. Mac users should not clutter up their computers with these bloated security softwares. There are no problems. Keep the Faith, man.
Marc said on Friday, 05 December 2008
In other words, if a user doesn't have the root (admin) password, there is nothing so far that can infect them? Yet, anyway.
Windows is insecure because of flaws in the security model that allows programs to install themselves with admin privileges without any user interaction. So far, I've yet to be convinced the same problem exists on Macs. But do keep trying, it's good for security, and for critical thinking skills as we look carefully at who stands to profit from people believing the scare tactics.
It's not a matter of market share. It's a matter of design.
Enjoy surfing the internet for hours at a time. said on Monday, 15 December 2008
If you’re anything like me then you enjoy surfing the internet for hours at a time. There is so much information available I just seem to get wrapped up in it all. Of course, this means picking up bugs that can literally ruin my computer and cause it to run too slow. To take care of my PC I’ve been searching for a good scan to keep it bug free. I tried many different ones but I like Search-and-destroy Antispyware the best. With the antispyware solution from Search-and-destroy (http://www.Search-and-destroy.com/antispyware.html) I get one of the best scans I’ve ever used at a great low price. This is exactly what I’ve been searching for.