New Trojan Tempts Mac Users With Free Porn
On Monday, security vendor Intego reported a flood of spam being sent to several Mac user forums, which lures users with the promise of free pornographic videos. But when the user visits the Website, an alert box informs them that they need to download a missing video codec before the fun can begin.
Overeager users who click the link will have a disk image file (.dmg) downloaded to their machine. The installation won't proceed unless the user enters the administrator password, and doing so gives the Trojan full root privileges on the machine, according to Intego.
Once installed, the Trojan operates in the background until the user visits online banking, payment, or auction Websites, at which time it alters the Mac's DNS server and redirects users to nearly identical Websites set up for phishing purposes.
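A defender's check for the DNS change described above, added here as an example and not taken from Intego or the original report: it parses the text that macOS's `scutil --dns` prints and flags any configured nameserver outside the networks the site expects. The sample output and the `EXPECTED` allowlist are constructed assumptions.

```python
import ipaddress
import re

# Constructed sample of `scutil --dns` output (private and documentation-range addresses).
SAMPLE_SCUTIL_DNS = """\
DNS configuration

resolver #1
  search domain[0] : example.lan
  nameserver[0] : 192.168.1.1
  nameserver[1] : 203.0.113.53
  if_index : 4 (en0)

resolver #2
  domain   : local
  options  : mdns
  nameserver[0] : fe80::1%en0
"""

# Assumption: networks holding the resolvers this site legitimately uses.
EXPECTED = ["192.168.1.0/24", "fe80::/10"]


def parse_nameservers(scutil_output):
    """Return [(resolver_number, address_string), ...] in output order."""
    found, resolver = [], None
    for line in scutil_output.splitlines():
        m = re.match(r"\s*resolver #(\d+)", line)
        if m:
            resolver = int(m.group(1))
            continue
        m = re.match(r"\s*nameserver\[\d+\]\s*:\s*(\S+)", line)
        if m:
            found.append((resolver, m.group(1)))
    return found


def unexpected_nameservers(scutil_output, expected_cidrs):
    """Return nameservers that are unparseable or outside every expected network."""
    nets = [ipaddress.ip_network(c) for c in expected_cidrs]
    flagged = []
    for resolver, raw in parse_nameservers(scutil_output):
        try:
            addr = ipaddress.ip_address(raw.split("%", 1)[0])  # drop IPv6 zone id
        except ValueError:
            flagged.append((resolver, raw))
            continue
        if not any(addr.version == n.version and addr in n for n in nets):
            flagged.append((resolver, raw))
    return flagged


if __name__ == "__main__":
    for resolver, server in unexpected_nameservers(SAMPLE_SCUTIL_DNS, EXPECTED):
        print(f"resolver #{resolver}: unexpected DNS server {server}")
```

On a Mac, the same functions can be fed the real output of `scutil --dns` in place of the sample string.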
PCs are still more prone to attack because they can be hijacked without any interaction from the user, while Mac exploits rely on social engineering, says John Eaton, president, Eaton and Associates, San Francisco.
"The fact that Apple finally got targeted with a virus doesn't mean the honeymoon is over. I would say that Macs are still much less virus prone than PCs," Eaton said.
George Swords, marketing manager at PowerMacPac, an Apple solution provider in Portland, says that because the Trojan relies on social engineering, it doesn't pose a threat to users who exercise common sense.
"But if this does become a serious threat, every antivirus vendor will be on it, because everyone wants to be the first to squash the first Mac virus," Swords said.
In a Thursday entry on the SANS Internet Storm Center Weblog, security researcher Bojan Zdrnja said this Trojan, and a similar one designed for Windows, both use classic social engineering tactics to deliver their malicious payload. The Mac Trojan also is constructed in a way that allows it to escape detection by all existing antivirus software, he wrote.
"This malware shows that we must not ignore Mac machines, and that Mac users should not think they are invulnerable just by using a Mac," Zdrnja wrote.