toggle

AAPL Stock: 119 ( + 1.4 )

Printed from http://www.macnn.com

Mac OS X trojan removal tool debuts

updated 06:45 pm EST, Thu January 3, 2008

Trojan removal tool

SecureMac has announced a free Trojan Detection Tool dubbed DNSChanger Removal Tool. DNSChanger Removal Tool detects and removes latest spyware targeting Mac OS X: DNSChanger Trojan (also known as OSX.RSPlug.A Trojan Horse). This trojan attacks users attempting to play a fake video file. Affected systems are used to hijack some Web requests that lead users to other phishing sites, or simply display ads for other pornographic websites to generate ad revenue. Phishing attacks may lead users to believe they are surfing to eBay, Paypal, or various banks when in fact they are accessing specially-crafted mockups designed to retrieve usernames and passwords for those sites. Upon attempting to play the video, the victim receives the following message: "Quicktime Player is unable to play movie file. Please click here to download new version of codec."

The user's DNS records are modified, redirecting incoming internet traffic through the attacker's servers, where it can be hijacked and injected with malicious websites and pornographic advertisements. The trojan also installs a watchdog process that ensures the victim's DNS records stay modified on a minute-by-minute basis.

The trojan is rated as a critical risk by Intego, and is known to affect Mac OS X 10.4 Tiger as well as Mac OS X 10.5 Leopard. Intego is testing prior versions of Mac OS X, but believes them to be vulnerable as well.

SecureMac's DNSChanger Removal Tool allows users to check to see if the trojan has been installed on their computer; if it has, the software helps to identify and remove the offending file. After a system reboot, the users' DNS records will be repaired.




by MacNN Staff

POST TOOLS:

TAGS :

toggle

Comments

  1. maccam

    Joined: Dec 1969

    +1

    Find one?

    Anybody find one? My computer was clean.

  1. eldarkus

    Joined: Dec 1969

    0

    nope..

    mine was clean too ;)

  1. gskibum3

    Joined: Dec 1969

    0

    nope...

    Me three! I'm clean!

  1. Feathers

    Joined: Dec 1969

    0

    No trojans...

    No Trojans so I'll have to use Durex although I did find a horse's head in my bed. Man I need to stop drinking...

  1. Guest

    Joined: Dec 1969

    0

    nope..

    Me too, clean!

  1. MiMiC

    Joined: Dec 1969

    0

    Nice PR Stunt

    I'm Clean, but then it wants you to visit the store and buy the MacScan.

    Cool PR.

  1. gskibum3

    Joined: Dec 1969

    0

    Testudio...

    As you don't use anti-virus on your Macs, I'll assume you have this trojan. Or is it this week you do use anti-virus, and then next week you'll be back to not using it when the story your commenting on makes it convenient to take that position.

  1. Eriamjh

    Joined: Dec 1969

    0

    What if...

    ...the software IS a trojan?

  1. 24klogos

    Joined: Dec 1969

    0

    it was a matter of time

    oh man, i miss my PPC days...

  1. unhappyending

    Joined: Dec 1969

    0

    okay

    Is it just me or is the site down?

Login Here

Not a member of the MacNN forums? Register now for free.

toggle

Network Headlines

toggle

Most Popular

MacNN Sponsor

Recent Reviews

IDrive cloud backup and sync service

There are a lot of cloud services out there, and nearly all of them can be used for backing up key files and folders. A few dedicated ...

Plantronics BackBeat Pro Bluetooth headphones

Looking for a pair of headphones that can do everything a user requires is a task that can take some study. Trying to decide on in-ear ...

MaxUpgrades 512GB Retina MacBook Pro SSD

Apple's Retina line of MacBook Pro notebooks have been impressive, right from their debut in 2012. Thinner than the previous model, t ...

toggle

Most Commented