IT security and control firm Sophos is warning Apple Mac users to be on their guard against Web sites hosting malicious code designed to infect their systems.
The advice follows the discovery of a new version of the OSX/RSPlug Trojan horse that is being distributed via a legitimate-looking Web site offering HDTV software.
Sophos has produced a video, demonstrating how the Mac malware has been distributed on a malicious Web site, which journalists and bloggers are free to embed on their own Web sites: http://www.sophos.com/blogs/gc/g/2009/03/25/apple-mac-malware
"While there is much less malware for the Apple Mac than for Windows, it doesn't mean that Apple fans can avoid the issue," says Brett Myroff, CEO of regional Sophos distributor, Sophos South Africa.
"Mac users are no different to Windows users when it comes to falling for social engineering tricks like this - they are just as likely to install and run this program on their computer if they believe it will help them watch high definition TV."
Sophos notes that the criminal gang behind this malware attack is targeting Windows computers as well as Mac OS X.
If a user visits the Web site from a Windows computer, it will serve up a malicious Windows executable from the Zlob family of malware rather than the RSPlug-F Mac OS X Trojan horse. “By targeting both platforms with their malicious Web site, the hackers can kill two birds with one stone," says Myroff.
"Once a piece of malware such as this is in place on a user's computer, it can do whatever the hacker wants it to do. Mac users are gambling with the security of their data if they believe they are somehow immune from threats that Windows users have been living with for years."
Sophos experts have determined that the RSPlug-F Trojan horse changes DNS Settings on Apple Mac computers, meaning users may find they are taken to bogus Web sites, which may attempt to steal personal information, display revenue-generating adverts, or install further malware.
Share
Sophos South Africa
Netxactics, trading as Sophos South Africa, is a South African-based company focused on the provision of security solutions. It is the Master Distributor for UK-based Sophos Plc, one of the leaders in the provision of network access control and endpoint, e-mail and Web security and control solutions for the corporate environment. For more information, visit Sophos South Africa at http://www.sophos.co.za.
Sophos
Sophos enables enterprises worldwide to secure and control their IT infrastructure. Our network access control, endpoint, web and e-mail solutions simplify security to provide integrated defences against malware, spyware, intrusions, unwanted applications, spam, policy abuse, data leakage and compliance drift. With over 20 years of experience, we protect over 100 million users in nearly 150 countries with our reliably engineered security solutions and services. Recognised for our high level of customer satisfaction, we have an enviable history of industry awards, reviews and certifications. Sophos is headquartered in Boston, Massachusetts and Oxford, UK.
Editorial contacts