Hack a Mac!!!

September 2009

Hackers serve up pre-release malware to Mac fanboys.

Virus slingers are taking advantage of the release of Apple’s Snow Leopard operating system by offering malware from sites touting operating system upgrades. Dodgy sites supposedly offering Snow Leopard were rigged to push an Apple-specific DNS changer Trojan, detected by Trend Micro as JAHLAV-K. The malware is a MAC OS X mountable Disk Image file (.DMG) that comes contaminated with various malicious scripts, as explained here. Users infected with the Apple specific malware would find their internet connections redirected to phishing sites and other fraudulent endeavours. Some of these bogus sites hosted scareware (fake anti-virus) packages. Fake sites offering the Mac malware were in operation in the run-up to the release of Snow Leopard on August 28. There are more details in a blog on Trend Micro’s website. A similar attack, detected earlier the week of August 24, offered malware in the guise of Foxit PDF Reader software for Apple Macs. The pirated version “Foxit Reader for Mac” comes loaded with the Jahlav Trojan horse, anti-virus firm Sophos warns. Foxit Reader is not yet officially available for Apple Macs. When it does come out, prospective users ought to use the official Foxit website, Foxit advises.