More Mac OS X malware discovered

by Graham Cluley on November 27, 2008 | Comments Off

Filed Under: Apple, Malware

Apple bag

I've been sick for a day or two. One of the drawbacks of being tucked up in bed with a fever is that my wireless signal doesn't quite make it that far up the stairs - and so the blog can be interrupted and emails left unanswered.

Anyroad, in case you missed it check out Vanja's post on the SophosLabs blog about a new example of Apple Mac OS X malware that we have encountered.

In many ways the malware, which Sophos detects as OSX/Jahlav-A, is very similar to the RSPlug financially-motivated malware that we first saw this time last year.

Like other malware campaigns engineered by this particular gang, a bogus webpage is created claiming to contain a video. Visiting the site produces a message saying that you don't have the correct codec installed to watch the video - whereupon the site offers you an EXE if you run Windows, and a DMG (Disk Image) file if you are using an Apple Mac.

Of course, installing the code is a very bad idea - whichever operating system you use.

Coincidentally, news of this latest piece of Mac OS X malware follows close on the heels of the computer vendor publishing a support advisory underlining the importance of all Apple users to run anti-virus software.

About the author

Graham Cluley is senior technology consultant at Sophos. The readers of Computer Weekly voted him security blogger of the year in 2009 and 2010, and he pipped Stephen Fry to the title of "Twitter user of the year" too. Which was nice. He was also named "Best Security Blogger" by the readers of SC Magazine in 2011. You can subscribe to Graham's updates on Facebook, follow him on Twitter and circle him on Google Plus for regular updates.