Bogus 'free' Mac OS X Snow Leopard sites carry malware
Thursday, August 27, 2009
Cybercriminals are hoping to exploit Mac users searching for free downloads of the Snow Leopard version of the Mac operating system, Mac OS X 10.6. Security researchers have spotted websites hosting Trojan malware disguised as phony Snow Leopard downloads.
Security researcher Feike Hacquebord of Trend Micro yesterday discovered several websites that claim to offer free downloads of Snow Leopard, which Apple is releasing on Friday, August 28. Trend Micro reports that these malicious sites direct users to download a DNS changing Trojan detected as OSX_JAHLAV.K.
The Trojan downloads other scripts that alter the DNS configuration and add two IP addresses to the DNS server. This could be used to redirect infected Mac users to phishing sites and other malware sites, Trend Micro said on its malware blog.
Cybercriminals have used this tactic to exploit users looking for other popular software updates, such as Microsoft's Windows 7. Pirated copies of Windows 7 RC that were infected with a Trojan horse has likely built a botnet with thousands of PCs, according to security researchers.
Hackers have also used pirated versions of iWork '09 and the Mac version of Adobe Photoshop CS4 in an attempt to build a Mac botnet.
Related News:
Conficker still a threat to web security - 3.18.2010
The Conficker worm was by far the most notorious piece of malware in 2009 for several reasons. Not only did it receive media attention and infect more computers than any other strain, according to Katonda, a business technology website, it reminded web security professionals of bygone days when major epidemics were the norm.
Network security update not responsible for crashes - 2.24.2010
Reports of the so-called "blue screen of death" following the installation of the latest Microsoft security update are the result of malware, not a defect in the update.
Botnets and Chuck Norris take aim at network security - 2.22.2010
Last week, word spread of the Kneber botnet compromising more than 2,000 computers worldwide. With the start of a new week comes more malware attacks plaguing the web community. The so-called "Chuck Norris" botnet is attacking routers and DSL modems by guessing commonly used passwords.
Web security company warns of scareware's risk - 2.19.2010
The rise in scareware attacks and cyber criminal behavior in general forced DynaSis, an IT services company, to issue a warning to its users about the threat of fake anti-virus software infecting their computers on Friday.
Age-old trick with brand-new target - 1.18.2010
Cyber criminals have turned to a scam from the early days of the internet to target the growing smartphone market: Trojan phone dialers.
|
