Sophos customers are protected against a newly discovered Trojan
horse that targets users of the Apple Mac OS X platform.
The OSX/RSPlug-A Trojan horse
is the latest in a very short list of malware that has been
designed to specifically target the Mac OS X operating system.
The Trojan horse poses as a codec to help users view
pornographic videos, but in fact changes DNS server entries to
direct surfers unwittingly to other websites. This could be for the
purposes of phishing, identity theft or simply to drive traffic to
alternative websites.
Mac users can infect themselves by downloading
and running a fake codec.
"What's important to realise is that this Trojan doesn't exploit
a vulnerability in OS X, Leopard, Tiger, or any Apple code. This
Trojan exploits the vulnerability within the person sitting in
front of the keyboard. It's the Mac user who is giving permission
for the code to run and allowing their computer to be infected,"
said Graham
Cluley, senior technology consultant for Sophos. "This is not a
red alert, but it is a wake-up call to Mac users that they can be
vulnerable to the same kind of social engineering tricks as their
Windows cousins. The truth is that there is very little Macintosh
malware compared to Windows, but clearly criminal hacker gangs are
no longer shy of targeting the platform."
Sophos experts are urging Macintosh users to keep the threat in
proportion.
"Mac malware like RSPlug makes the headlines because it is so
rare," continued Cluley. "A Trojan horse like this for Windows
would be unlikely to generate as many column inches because they
are encountered every day. Nevertheless it obviously makes sense
for Mac users to ensure that they are protected."
Sophos has been providing protection against the RSPlug Trojan
horse since 01:12 GMT on 1 November 2007, and customers have been
automatically updated.
In February 2006, in the wake of the discovery
of the first Mac OS X worm, Sophos released research that
showed 79% of computer users believed Apple Macintoshes would be
targeted more in the future. However, over half of those polled
said they did not believe the problem would be as great as for
Microsoft Windows.
More than 100 million users in 150 countries rely on Sophos as the best protection against complex threats and data loss. Sophos is committed to providing security and data protection solutions that are simple to manage, deploy and use and that deliver the industry's lowest total cost of ownership. Sophos offers award-winning encryption, endpoint security, web, email, and network access control solutions backed by SophosLabs - a global network of threat intelligence centers. With more than two decades of experience, Sophos is regarded as a leader in security and data protection by top analyst firms and has received many industry awards.
Sophos is headquartered in Boston, US and Oxford, UK. More information is available at www.sophos.com.