RSPlug.A Mac OS X trojan

Is the Mac now also becoming a target for malware?
clipped from
the discovery of an actual malicious
trojan for the Mac
the OSX.RSPlug.A trojan dresses up like said Quicktime
codec, requiring an administrator password to install.
the “codec”
installer sets up a couple of fake DNS servers and a cron job that runs
every minute to reinstall the DNS servers in case they have been removed.
the malicious DNS servers are asked to translate domain names into IP
addresses, allowing the person in charge of these servers to redirect
selected destinations.
used for
phishing purposes “for sites such as eBay, PayPal and some banks”
users who think they’re secure just because they’re using a Mac
“the bad guys are taking Mac now seriously.”
Mac OS X will soon become a significant target for malware writers for the first time.
The appearance of this trojan may mean that Apple has crossed some sort of threshold for malware writers.
trojan does not exploit any Mac OS X weakness
  blog it

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s