Mac malware adopts porn video disguise

Filed Under: Apple, Malware, Video

Earlier today, Pob in SophosLabs blogged about the discovery of two new pieces of malware for the Apple Mac OS X operating system.

Although there is only a tiny amount of Mac malware compared to Windows viruses, that's going to be little consolation if your gorgeous new MacBook gets infected. And sadly we know that many Mac users still believe they are somehow magically immune from attacks.

As we've demonstrated before, and as we'll no doubt explain again, the Mac malware threat is real. Hackers are deliberately planting malicious code on websites, and using social engineering tricks to fool you into installing it onto your computer.

In the following video, which demonstrates one of today's new pieces of Mac malware, a video promising you hardcore pornographic videos pops up a message demanding that you install an ActiveX component to view more. Of course, if you do agree to install the program (it is quite insistent) you actually end up installing a Trojan horse, which effectively hands your computer over to whatever takes the whim of a remote hacker.

(Enjoy this video? You can check out more on the SophosLabs YouTube channel and subscribe if you like)

You see, I've got a theory that although many people are undoubtedly buying Apple computers because they're beautifully designed and well-marketed, there will also be some people who have dumped Windows because they are fed up with all of the spyware, pop-ups and virus attacks.

Indeed, some of the people who may well have suffered a lot from those kind of attacks in the past may be exactly the same kind of folk who visit the grubbier areas of the internet in the wee small hours of the morning. And they may feel that one of the side benefits of switching to a Mac is that they now don't have to worry about all of those nasty things while they're err.. watching nasty things.

Mac user, surfing for porn, all ending in tears

But if they think they are immune from attacks they're making a mistake. We're seeing more attacks against Mac users all the time, with hackers planting bear-traps that work out if you're visiting their page on a Windows or Mac computer, and deliver the appropriate malicious payload accordingly.

Interestingly, the discover of two new examples of Mac malware on the same day has happened just after Apple has shown off some of the new features of Snow Leopard, the next version of its Mac OS X operating system in San Francisco.

And after the debacle of last year when Apple was seen to be recommending its users run anti-virus software, only to quickly withdraw the advice, Apple has devoted a page to the security features of Snow Leopard.

And what do we find on that page? The following advice:

The Mac is designed with built-in technologies that provide protection against malicious software and security threats right out of the box. However, since no system can be 100 percent immune from every threat, antivirus software may offer additional protection.

"May offer additional protection?". Hmm.. Seeing as the attack mentioned above is not taking advantage of any OS vulnerabilities and just exploiting human weakness, I think Apple would be wise to change that "may" to a "will definitely".

,

You might like

One Response to Mac malware adopts porn video disguise

  1. Stefan Dzimidko · 1190 days ago

    This is not a problem in most of cases with OSX itself or even Apple (as many people can say), but with people themselves and third part applications. As you know OSX is build with on BSD (most secure system), but also (by default) all ingeration into the system should be done with admin password. People most of the time don't read this information. On the second way there is also problem with holes in Firefox, Adobe products which Apple doesn't monitor.

    So in my opinion words like 35 viruses/trojans 10000 viruses/trojans are useless, because it's always problem with other applications and users.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

About the author

Graham Cluley runs his own award-winning computer security blog, and is a veteran of the anti-virus industry having worked for a number of security companies since the early 1990s. Now an independent security analyst, he regularly makes media appearances and gives computer security presentations. Send Graham an email, subscribe to his updates on Facebook, follow him on Twitter and App.net, and circle him on Google Plus for regular updates.