[NPMUG] ... it's time to wake up and smell the cappuccino - " OSX/Jahlav-C " seen again in the wild

Dave Sevick dave at davesevick.com
Wed Aug 12 08:59:05 MDT 2009


http://www.sophos.com/blogs/gc/g/2009/08/12/reports-apple-mac-trojan-horse-wild/



Our friends at Trend Micro have blogged about a Trojan horse for Mac  
OS X they have recently encountered disguised as MacCinema Installer.

This has caught the attention of some reporters and bloggers (such as  
Dancho Danchev). That's not such a surprise. After all, Mac malware  
continues to make the headlines because of its novelty value and the  
fact that many Apple lovers are adamant that their computers are  
somehow protected by an invisible forcefield which makes them  
invincible.

However, in this case (as shown by a blog entry from our friends at  
Pareto Logic almost a week ago) this particular piece of Mac malware  
was already known about, and detected by a handful of security vendors  
already - including Sophos!

So, I'm glad to say to those customers who have enquired that Sophos  
does detect this malware (we call it OSX/Jahlav-C).

In his blog post about the malware, Danchev writes:

Not only are cybercriminals beginning to acknowledge the "under-served"
Mac OS X segment, but also, they’re already borrowing tricks
from the Microsoft Windows playbook such as OS-independent tactics
like fake codecs and bogus video players. The irony? Both the Mac OS X
and Windows malware are hosted on the same domains, with copies of
each served on the basis of browser detection.

This is all true. But I would stress to any non-believing Mac user  
that it's actually been true for a couple of years now. If you're a  
Mac user and not running anti-virus software, it's time to wake up and  
smell the cappuccino.


