IT security and control firm Sophos is warning Apple Mac users
to be on their guard against websites hosting malicious code
designed to infect their systems. The advice follows the discovery
of a new version of the OSX/RSPlug Trojan horse that is being
distributed via a legitimate-looking website offering HDTV
software.
Apple Mac malware: Caught on
camera from Sophos Labs
on Vimeo.
"There is much less malware for the Apple Mac than there is for
Windows, but that doesn't mean that Apple fans can hide their head
in the sand like ostriches," said Graham Cluley, senior
technology consultant for Sophos. "Mac users are no different to
Windows users when it comes to falling for social engineering
tricks like this - they are just as likely to install and run this
program on their computer if they believe it will help them watch
high definition TV."
Sophos notes that the criminal gang behind this malware attack
is targeting Windows computers as well as Mac OS X.
"Windows users shouldn't be feeling smug about this attack
against Mac users. If you visit the website from a Windows
computer, it will serve up a malicious Windows executable from the
Zlob family of malware rather than the RSPlug-F Mac OS X Trojan
horse. By targeting both platforms with their malicious website,
the hackers can kill two birds with one stone," explained Cluley.
"Once a piece of malware like this is in place on your computer, it
can do whatever the hacker wants it to do. Mac users are gambling
with the security of their data if they believe they are somehow
magically immune from threats that Windows users have lived with
everyday for years."
Sophos experts have determined that the RSPlug-F Trojan horse
changes DNS Settings on Apple Mac computers, meaning users may find
they are taken to bogus websites which may attempt to steal
personal information, display revenue-generating adverts, or
install further malware.
More than 100 million users in 150 countries rely on Sophos as the best protection against complex threats and data loss. Sophos is committed to providing security and data protection solutions that are simple to manage, deploy and use and that deliver the industry's lowest total cost of ownership. Sophos offers award-winning encryption, endpoint security, web, email, and network access control solutions backed by SophosLabs - a global network of threat intelligence centers. With more than two decades of experience, Sophos is regarded as a leader in security and data protection by top analyst firms and has received many industry awards.
Sophos is headquartered in Boston, US and Oxford, UK. More information is available at www.sophos.com.