OSX/FkCodec-A

    Category: Viruses and SpywareProtection available since:23 Apr 2012 03:30:26 (GMT)
    Type: TrojanLast Updated:22 Jul 2016 09:10:59 (GMT)
    Prevalence: Major OutbreakPublisher Name:Codec-M
    Publisher URL:http://codecm.com/privacy.php

    Download Download our free Virus Removal Tool - Find and remove threats your antivirus missed

    OSX/FkCodec-A is a fake installer that claims to be installing a video codec.

    Instead, OSX/FkCodec-A installs a safari extension that serves ads and monitors browser activity and an updater daemon that checks for updated versions of the "codec" and downloads and runs the installer if the version on the server is newer than the version installed.  If there is no version installed (the safari extension has been forcibly removed) it will run the updater.

    Examples of OSX/FkCodec-A include:

    Example 1

    File Information

    Size
    1.1M
    SHA-1
    016d2f20bd537c7a455ab28d5152f77e83e9c96a
    MD5
    1965cf71d274afcd44b073840eb060b2
    CRC-32
    8ec0f180
    File type
    Apple Mac executable
    First seen
    2007-09-19

    Example 2

    File Information

    Size
    1.1M
    SHA-1
    0191e38a6ea5780c300a9d10a18af83d37503faf
    MD5
    d4ff6e571293c390e5b570aa095c3110
    CRC-32
    8721f455
    File type
    Apple Mac executable
    First seen
    2015-01-22

    Example 3

    File Information

    Size
    1.1M
    SHA-1
    0a21e64fd345f76610168664d481105b5730fb5a
    MD5
    73c3ac0953ca88caf635734e2d0bb8f0
    CRC-32
    196c5d16
    File type
    Apple Mac executable
    First seen
    2007-10-26

    Download Sophos HomeDownload
    Sophos Home

    Free business-grade security for the home.

    Endpoint Protection