The net-cracker effort to bring the 'RSPlug' Trojan horse from Windows over to Mac OS X continues apace. As of this week we are now up to version E, aka Trojan OSX.RSPlug.E. Again, this Trojan is showing up at scam pornography websites.
The difference with variants D and E, however, are particularly nefarious. Instead of the Trojan itself being the full payload of malware, it downloads the actual payload from the Internet. This means the Trojan can install literally anything into your system. It's not just for DNS forwarding phishing scams any more.
Of course, it will be possible to kill off the payload Internet sites one by one as sub-variants of D & E pop up. But once infected, a Mac could theoretically become zombied, which these days is the prime goal of net-crackers. Botnets can make big money. As was popularly reported last week, the taking down of one particular bot wrangler killed off as much as 70% of SPAM distribution for a few days. That's a massive botnet. Imagine the profit the bot wrangler was pulling in. Sadly, the botnet involved remained intact and another bot-wrangler stepped in to take advantage of it, restoring SPAM to its usual blasting volume.
You can read the details about Trojan OSX.RSPlug.E over at Intego's website.
One hilarious flagging giveaway of this Trojan is the continued laziness of the developers' social engineering method. Instead of altering their tease line to potential wetware victims, they left it exactly the same as the Windows version. This means that anyone who is both Mac and Windows savvy will realize immediately that something screwy is going on. The blunder is the tease line "Video ActiveX Object Error". For those who don't know, ActiveX is a scripting monstrosity perpetrated by Microsoft several years back. Yeah, it was another of their attempts to make the Internet proprietary. ActiveX is entirely irrelevant on Mac OS X, thank goodness, as it is a gigantic, wide open door for malware infection on Windows. The only web browser on Mac capable of running ActiveX rubbish is FireFox, and you have to specifically install an ActiveX extension. Therefore, for the moment, if you run into a "Video ActiveX Object Error" on a website, you have just run into an attempt to infect you with the Trojan OSX.RSPlug.
--
Popular Posts
-
This is very easy and simple method to trace phone number not only at India its at worldwide. This is possible due to service and applicatio... -
What is BackTrack 5 Backtrack is a very popular linux distribution for penetration testing. It has hundreds of tools for pentesting and ha... -
When creating a Facebook account, the system automatically assigns the user an identification number, known as the Facebook ID. Facebook al... -
This is Opera Mini Hanler v7.5 which is released for Android OS . With this hacked version, you can browse Internet for free with Airtel,Air... -
Media player without installation. Download Portable Winamp Full (14.5 MB) Download Portable Winamp Lite (8.1 MB) Extract and run Winamp...
-
.jpg)
You must have enjoyed YouTube videos on the official YouTube app on your Android device, but the downside with the app is slow buffering and... -
Ipadian iOS emulators for Windows allow you to run your favorite iOS apps on your Windows computer. Isn't cool to have your iPad apps ru... -
Professional photographer's essential toolbox without installation. English, German, Spanish, French, Italian, Japanese, Korean, Dutch,...
-
Viber Free Calls Viber Free Call and Text Messanging Service With Viber you can Create free call with other viber user.No more Balance cuts ... -
Facebook is our Social Life . Everybody want backup of your life so its not possible but backup of your FB Social Life is Possible. There a...
No comments:
Post a Comment