Mac malware - mea culpa

Filed Under: Apple, Malware

Graham CluleyHi everyone.

I owe you all an apology.

Earlier this week, I blogged about some Apple Mac malware that was making minor headlines. In the process I managed to get my wires badly crossed, and confused the Troj/RKOSX Trojan horse that we have been detecting since August, and that Symantec and Trend published information about recently under the name of Lamzev, with a new variant of the Mac OS X worm RSPlug that Intego warned about this week.

So, in truth there do indeed seem to be two separate pieces of OS X malware being talked about at the moment. Intego were talking about RSPlug-D. Symantec and Trend have been talking about Lamzev (now also reported by Intego as OSX.TrojanKit.Malez).

As far as I know there is no link between OSX/RSPlug and Troj/RKOSX (also known as Lamzev or Malez).

So, dear readers, Symantec, Trend and Intego... I apologise.

I always try and get my facts straight on the blog, but I let you down on this occasion. I've included a link to this correction from the original blog entry, and we have also fixed Numaan's entry on the SophosLabs blog to correct an incorrect link to Intego's website.


You might like

About the author

Graham Cluley runs his own award-winning computer security blog at, and is a veteran of the anti-virus industry having worked for a number of security companies since the early 1990s. Now an independent security analyst, he regularly makes media appearances and gives computer security presentations. Follow him on Twitter at @gcluley