The other day security analysts deemed the new Mac Leopard’s firewall insecure, especially since it is disabled out-of-the-box. Now things have gotten a bit worse for those Mac users who feel that their machine is not in need of any additional security software.
Give a warm welcome for the OSX.RSPlug.A Trojan Horse. Sure this isn’t the first virus for a Mac, but this one is pretty nasty and being distributed through porn sites. It poses as a video codec that needs to be installed before the viewer can proceed to watch the movie. The result, well, it’s not good:
This Trojan horse, a form of DNSChanger, uses a sophisticated method, via the scutil command, to change the Mac’s DNS server (the server that is used to look up the correspondences between domain names and IP addresses for web sites and other Internet services). When this new, malicious, DNS server is active, it hijacks some web requests, leading users to phishing web sites (for sites such as Ebay, PayPal and some banks), or simply to web pages displaying ads for other pornographic web sites.
Is it possible that the increasing popularity of the Mac Operating System has caused virus writers to target the OS more? If you’re a Mac user looking for a free antivirus solution there is ClamXav, which is based on one of the leading Linux antivirus applications.