New Trojan Attempts to Infect Macs
Today’s Security Memo from Intego, an Internet security and privacy software developer, includes a warning about a new Trojan horse designed to infect Macs. If installed on your Mac, this Trojan horse, formally known as OSX.RSPlug.D, will attempt to redirect web page requests to phishing sites in order to gain personal information about you.
The Trojan tries to induce you to install it by pretending to be an ActiveX video codec that’s necessary to view videos at malicious web sites. When you click on a video on one of these sites, a warning message will inform you that, “Your browser cannot play this video file. Click ‘OK’ to download and install missing Video ActiveX Object.”
While the message includes both OK and Cancel buttons, the Cancel button doesn’t work. Instead, clicking it just causes the message to repeat. The only way to terminate the dialog box and not download the Trojan is to quit your browser.
Because this Trojan is based on an older known Trojan, most anti-virus programs should be able to detect it. Nevertheless, the best way to avoid becoming a victim of this new threat is not to fall for the missing video codec trick or, better yet, stop trying to view videos on the porn sites where this Trojan is known to hang out.
Comments
I don’t understand. I went to each of the Sponsored Links that you listed right after your article, but each of them talked about PCs and none mentioned Macs.
Hi Ben,
It does seem a little odd, doesn’t it? What you are seeing is one of the effects of editorial (that’s me) and advertising (that’s them) not talking with each other. Generally that’s a good thing, since we don’t want advertising to have any type of influence over the editorial content of the About: Macs site.
On the down side, advertisers target key phrases, such as trojan horse or virus, and place ads pertaining to those keywords. Since the majority of security issues involve Windows, most security-related advertising doesn’t include products for the Mac. So, when I write an article with security-related keywords in it, we get a lot of Windows security ads on the page.
Although it can be a little frustrating for readers, I think it’s a small price to pay for keeping the content on the About:Macs site free from direct influence by advertisers (and free for site visitors).
By the way, here are some security companies that have Mac products:
http://antivirus.about.com/od/antivirussoftwarereviews/tp/aamacvir.htm
Tom
Hi Tom,
Any chance you can direct us who already have this on how to remove it? HELP please.
Thanks