More reports of Apple Mac Trojan horse seen in the wild

by Graham Cluley on August 12, 2009 | Comments Off

Mac OS X malware
Our friends at Trend Micro have blogged about a Trojan horse for Mac OS X they have recently encountered disguised as MacCinema Installer.

This has caught the attention of some reporters and bloggers (such as Dancho Danchev). That's not such a surprise. After all, Mac malware continues to make the headlines because of its novelty value and the fact that many Apple lovers are adamant that their computers are somehow protected by an invisible forcefield which makes them invincible.

However, in this case (as shown by a blog entry from our friends at Pareto Logic almost a week ago) this particular piece of Mac malware was already known about, and detected by a handful of security vendors already - including Sophos!

So, I'm glad to say to those customers who have enquired that Sophos does detect this malware (we call it OSX/Jahlav-C).

In his blog post about the malware, Danchev writes:

Not only are cybercriminals beginning to acknowledge the "under-served" Mac OS X segment, but also, they're already borrowing tricks from the Microsoft Windows playbook such as OS-independent tactics like fake codecs and bogus video players. The irony? Both the Mac OS X and Windows malware are hosted on the same domains, with copies of each served on the basis on browser detection.

This is all true. But I would stress to any non-believing Mac user that it's actually been true for a couple of years now. If you're a Mac user and not running anti-virus software, it's time to wake up and smell the cappuccino.

Unconvinced?

Here's a sample of just some of the Mac threats we've written about since the start of the year:

Free Anti-Virus for Mac
Download Sophos Anti-Virus for Mac Home Edition

Update: I am indebted to Clu-blog reader @iamleeg who reminded me that Mac users' computers are protected from malware by a "Reality Distortion Field".