Phishing DNS Trojan hits Mac OSX
Published by on November 2nd, 2007
MacWorld reports a genuine Trojan risk on Mac OSX
It was always inevitable that the stronger market share Apple achieve, the more chance there is of the less desirable elements of the internet world to want to attack its system and users. Though nowhere near as vulnerable as most Windows systems, we will certainly see an increase of malicious software of one kind or another for OSX in the coming years. This was originally reported by security company Intego on Monday.
This particular Trojan application - a (usually) malicious application masquerading as something useful or benign to persuade the user to install - can be unwittingly downloaded via some free video porn sites, which themselves have been widely promoted via forum spam. The sites claim that the user’s installed version of Quicktime requires updating and the user should click a link to download a new codec. This download, when installed, is in fact the Trojan application which will then take control of elements of the user’s internet connection - the DNS (Domain NameServer) which are effectively directory databases for routing your browser to the proper website - and will provide you with phishing versions of some websites in place of the actual ones. This means that you may think you were logging in to PayPal, for example, but you would actually be logging in to another, bogus site which will then capture your login and password details. Not nice.
The key in all of this is as simple as it always has been: STOP! and give a moment’s thought before you approve and install anything which a website tells you you need to download - particularly if you are trying to access free porn or software. If in doubt, zip up and grab a cold shower.
