Giveaway: Bracketron Case If outdoor adventures are in your future this summer, enter to win a Bracketron Sport Case with Mount Strap from MacNN and keep that iPhone, iPod or other electronic device safe from the elements.      
toggle

AAPL Stock: 454.74 ( + 1.77 )

http://www.macnn.com/articles/09/06/11/new.mac.malware.circulates/

New Mac Trojan masquerades as video codec

updated 12:05 pm EDT, Thu June 11, 2009

 

New Mac malware circulates


A new piece of Mac-targeted malware has entered the wild, say security researchers with ParetoLogic. Dubbed OSX/Jahlav-C, the software is currently associated with a website called PornTube, and is described as a Trojan concealing itself as an ActiveX object needed to run video. The approach is somewhat unusual in that ActiveX is uniquely associated with Windows, and therefore less likely to deceive a Mac user.

Should a PornTube visitor agree to install the object, an "AdobeFlash" shell script file is created in a Mac's /Library/Internet Plug-Ins folder. The file is set to execute periodically, and contains a shell script with a Perl script buried inside. The Perl code in turn communicates with a distant website, downloading data for malicious purposes. Other files associated with the Trojan include: HDTVPlayerv3.5.dmg, VideoCodec.dmg, FlashPlayer.dmg, MacTubePlayer.dmg, macvideo.dmg, License.v.3.413.dmg, play-video.dmg and QuickTime.dmg.

While malware remains uncommon on the Mac, Apple has had to stray from assertions that the platform is effectively immune to problems experienced by Windows users. A high-profile Trojan released this year has been tied to pirated copies of iWork and Photoshop, and it is believed that more malware will debut as Macs gain popularity. Hackers are known to target common platforms for the widest possible impact.


by MacNN Staff

Post tools:

TAGS :

 security, malware

Related Articles

Recent Articles

toggle

Comments

  1. lkrupp

    Junior Member

    Joined: May 2001

    +19
    06/11, 12:51pm | report spam | (1 reply) Reply |

    So tell us please

    "Apple has had to stray from assertions that the platform is effectively immune to problems experienced by Windows users."

    What vulnerability, security defect, poor programming, or other defect in OS X allows this trojan to be installed surreptitiously without the poor, clueless user knowing about it? Oh wait, it's the vulnerability, security defect, poor programming between the user's ears that is the problem, not OS X. I see now. Thanks for clearing that up.

  1. lkrupp

    Junior Member

    Joined: May 2001

    +13
    06/11, 12:54pm | report spam | Reply |

    And oh...

    We'll probably never hear a peep out of anyone who gets nailed by this trojan. It would be too embarrassing to have to admit how stupid they are.

  1. nat

    Junior Member

    Joined: Mar 2002

    +9
    06/11, 01:02pm | report spam | Reply |

    so

    let's say that the mac gets 10 viruses a day, every day, from now on and windows somehow manages to never get another one. since windows has conservatively 150,000 today, it would take roughly 40 years for the mac to catch up.

    i'll take my chances.

  1. IxOsX

    Fresh-Faced Recruit

    Joined: Feb 2009

    +14
    06/11, 01:11pm | report spam | Reply |

    Trojan not Virus

    Let me try to understand... This is some code from a porno site who ask to be installed, and the user say yes? So is this a security problem from the OS? Do not think that it is... This is a malware installed by the user and allowed to run by the distract user. So unlike the a real Virus, dissimination is null. Except for that user!

  1. testudo

    Forum Regular

    Joined: Aug 2001

    +2
    06/11, 01:44pm | report spam | Reply |

    Re: so

    Windows doesn't have 150,000 viruses. Most of those are trojans, malware/spyware, and other fun stuff users install because people are good at fooling users at installing stuff.

  1. byRyan

    Fresh-Faced Recruit

    Joined: Jun 2007

    +14
    06/11, 01:49pm | report spam | Reply |

    Trojan

    and here I thought a Trojan was supposed to protect you from the nasty viruses assosiated with the S***** women of the adult industry ;)

  1. nat

    Junior Member

    Joined: Mar 2002

    +6
    06/11, 02:03pm | report spam | Reply |

    you say tomato..

    "Malware includes computer viruses, worms, trojan horses, most rootkits, spyware, dishonest adware, crimeware and other malicious and unwanted software. In law, malware is sometimes known as a computer contaminant, for instance in the legal codes of several U. S. states."

  1. eldarkus

    Fresh-Faced Recruit

    Joined: Feb 2004

    +6
    06/11, 02:04pm | report spam | Reply |

    re: IxOsX

    Let me try to understand... This is some code from a porno site who ask to be installed, and the user say yes? So is this a security problem from the OS?

    Absolutely true.. My house came with a similar defect. I sent keys to my house to over 100 people who were on parole for burglary.. and damned if a bunch of them didn't break in!

  1. MacScientist

    Junior Member

    Joined: Feb 2000

    +6
    06/11, 02:40pm | report spam | Reply |

    ActiveX for MacOS X?

    This Trojan is supposed to be an exe file that installs an ActiveX object? I can confirm that this is true. Exactly how is this even Mac malware? Just because it has OS-X in its name?

    Every Mac user with half a brain knows that legitimate sites do not prompt users to install codecs. Furthermore, I have never ever seen a QuickTime codec installed automatically--not the first time, anyway. They all require explicit and affirmative action by the user. This site has been flagged by Google as distributing malware. My installation of Safari 4.0 diverts all attempts to watch the video to a warning about malware. It's more of a block actually. However, the blocked file is clearly a Windows file.

    Long story short--this is much ado about nothing.

  1. dynsight

    Fresh-Faced Recruit

    Joined: May 2005

    +4
    06/11, 03:11pm | report spam | Reply |

    Trojans....Ha!

    People who contract this OS X trojan should use the OTHER types of Trojans so they don't propagate their "stupid" gene to their offspring.

Show More Comments

Login Here

Not a member of the MacNN forums? Register now for free.

 
close
Photo
toggle

Network Headlines

toggle

Most Popular

MacNN Sponsor

Recent Reviews

HTC One

It is hard to understate just how critically important the HTC One is to the Taiwanese company’s fortunes. Despite its alarming declin ...

Samsung Galaxy S 4

Samsung's new flagship Android smartphone, the Galaxy S 4, faces even stiffer competition than its popular predecessor. With a five-in ...

HighPoint RocketU 1144CM USB 3.0 PCI-E card

Apple was one of the first -- if not the first -- major computer manufacturers to provide then-fledgling USB support at the expense of ...

toggle

Most Commented

 

Popular News