I owe you all an apology.
Earlier this week, I blogged about some Apple Mac malware that was making minor headlines. In the process I managed to get my wires badly crossed, and confused the Troj/RKOSX Trojan horse that we have been detecting since August, and that Symantec and Trend published information about recently under the name of Lamzev, with a new variant of the Mac OS X worm RSPlug that Intego warned about this week.
So, in truth there do indeed seem to be two separate pieces of OS X malware being talked about at the moment. Intego were talking about RSPlug-D. Symantec and Trend have been talking about Lamzev (now also reported by Intego as OSX.TrojanKit.Malez).
As far as I know there is no link between OSX/RSPlug and Troj/RKOSX (also known as Lamzev or Malez).
So, dear readers, Symantec, Trend and Intego… I apologise.
I always try and get my facts straight on the blog, but I let you down on this occasion. I’ve included a link to this correction from the original blog entry, and we have also fixed Numaan’s entry on the SophosLabs blog to correct an incorrect link to Intego’s website.