Macs Beware of Malware Disguised as MacCinema Installer
Trend Micro, company that specializes in providing network antivirus and internet content security software and services, has uncovered a new threat in the wild, threat that targets Macs. The company has discovered a Trojan horse that disguises itself as MacCinema Installer – this is in fact at DNS-changing Trojan from the OSX_JAHLAV malware family.
“A Domain Naming System (DNS)-changing Trojan targeting Macs is currently making the rounds disguised as MacCinema Installer (detected by Trend Micro as OSX_JAHLAV.D. This is the latest variant of OSX_JAHLAV.C, which was identified in June. The Trojan is supposedly a QuickTime Player update with the file name QuickTimeUpdate.dmg. As with its earlier variants, users are prompted to download the malware when trying to view certain online videos from .com domains with the IP address, 91.214.45.73,” explained Trend Micro.
Mac users are well advised to stay away from these .com domains: allincorx, bigdron, cikaredo, civilizxx, comeandtryx, deribrowns, draxxtermania, givendream, hitrowzone, jumborad, ltdkeeper, operationelx, oxxadox, paxxtiger, rednetx, rstdeals, simplexdoom, sinister, tdenuwas, tniredrum, ufapeace. Mac users are also well advised to be cautious with software updates that do not originate from Apple.
Senior Security Consultant with Sophos, Graham Cluley, added that the company he works for detected the malware, called it OSX/Jahlav-C and provides protection for it since the start of the week. All Sophos products detect and protect against the Mac threat.
Cluley used the occasion to once again draw attention to the fact that Macs need adequate security software just like Windows PCs do: “Mac malware continues to make the headlines because of its novelty value and the fact that many Apple lovers are adamant that their computers are somehow protected by an invisible forcefield which makes them invincible. If you're a Mac user and not running anti-virus software, it's time to wake up and smell the cappuccino.”
Tags: Apple, Mac OS X, Trojan, Malware, DNS, Trend Micro, Sophos
“A Domain Naming System (DNS)-changing Trojan targeting Macs is currently making the rounds disguised as MacCinema Installer (detected by Trend Micro as OSX_JAHLAV.D. This is the latest variant of OSX_JAHLAV.C, which was identified in June. The Trojan is supposedly a QuickTime Player update with the file name QuickTimeUpdate.dmg. As with its earlier variants, users are prompted to download the malware when trying to view certain online videos from .com domains with the IP address, 91.214.45.73,” explained Trend Micro.
Advertising
Mac users are well advised to stay away from these .com domains: allincorx, bigdron, cikaredo, civilizxx, comeandtryx, deribrowns, draxxtermania, givendream, hitrowzone, jumborad, ltdkeeper, operationelx, oxxadox, paxxtiger, rednetx, rstdeals, simplexdoom, sinister, tdenuwas, tniredrum, ufapeace. Mac users are also well advised to be cautious with software updates that do not originate from Apple.
Senior Security Consultant with Sophos, Graham Cluley, added that the company he works for detected the malware, called it OSX/Jahlav-C and provides protection for it since the start of the week. All Sophos products detect and protect against the Mac threat.
Cluley used the occasion to once again draw attention to the fact that Macs need adequate security software just like Windows PCs do: “Mac malware continues to make the headlines because of its novelty value and the fact that many Apple lovers are adamant that their computers are somehow protected by an invisible forcefield which makes them invincible. If you're a Mac user and not running anti-virus software, it's time to wake up and smell the cappuccino.”
Tags: Apple, Mac OS X, Trojan, Malware, DNS, Trend Micro, Sophos
I Hope you LIKE this blog post! Thank you!
What do YOU have to say about this
blog comments powered by Disqus
Popular News
By George Norman on 09 Feb 2012
Redmond-based software giant Microsoft is giving all US residents the chance to win a Pink Sony VAIO Y laptop (ARV $6,000) as part of a Valentine’s Day Sweepstakes
By George Norman on 09 Feb 2012
The latest stable version of Google Chrome web browser is v. 17.0 which was rolled out to the public on Wednesday, the 8th of February, one day after the release of Chrome for Android Beta 1Related News
By George Norman on 01 Feb 2012
Earlier this week software developer Piriform made a very exciting announcement – exciting for all the Mac users out there who 
By George Norman on 28 Oct 2011
Nullsoft, the developer behind the Winamp media player and the SHOUTcast MP3 streaming media server, announced earlier this week that the functionality Winamp has to offer is available for one more platform
By George Norman on 19 Sep 2011
This June Skype announced that it integrated Facebook in the Beta version of its Windows client. Skype 5.5 for Windows Beta, said Skype at the time, allows users to view Facebook friends in the contacts
By George Norman on 21 Sep 2011
It would seem that changing someone’s password is not a very difficult thing of that someone is on Mac OS X 10.7 Lion, the eight major release of the Mac OS X operating system. Patrick Dunstan, author of the Defence in Depth blog, uncovered thatAdvertising
Hot Software Updates
Top Downloads
2.
Opera5.
Trillian8.
AIM9.
Skype10.
Ad-Aware12.
Nero13.
Google Earth14.
Picasa15.
Winamp16.
iTunes17.
RealPlayer18.
uTorrent19.
eMule20.
WinRAR21.
BitComet22.
WinZip23.
Shareaza24.
CCleaner25.
Recuva26.
Tweak UI27.
CuteFTP Home29.
Adobe Reader30.
NewsPiperBecome A Fan!
Link To Us!
Macs Beware of Malware Disguised as MacCinema Installer
HTML Linking Code
HTML Linking Code