OSX.RSPlug.A. A Mac Trojan
- Are any of you aware of this Trojan? Please read below.
Jose Medeiros :-)
- -- OSX.RSPlug.A. A Mac Trojan that spreads by spam emails designed to lure users to pornography sites. Visitors are presented with a still image from a salacious video. Clicking on the image to play the video returns the following message: "Quicktime Player is unable to play movie file. Please click here to download new version of codec." After the linked page loads, malware is downloaded and launches an installer. The installer requires the user to enter the admin password. Once the password has been entered, the malware infection is complete. The Trojan alters network settings, redirecting webpages and funneling advertisements for porn sites to your Mac.
Be a better friend, newshound, and know-it-all with Yahoo! Mobile. Try it now.
- Best example of Mac-oriented social engineering I've seen yet.And no way to stop it, short of being smart about what you're installing.For those wanting an extra tool against such things, I found a piece recently that allows you to examine the contents of an installer package through Leopard's QuickLook tool. Select the .pkg file, press spacebar, and it's all listed out. Very handy.On May 2, 2008, at 10:58 AM, Jose Medeiros wrote: