Wednesday, December 12, 2012

First fake-installer Trojan for Mac OS


from drweb.com
Russian anti-virus company Doctor Web informs users about a new Trojan for Mac OS X dubbed Trojan.SMSSend.3666. The malicious scheme used to spread this Trojan is notorious among many Windows users but until now it hasn't been employed to deceive owners of Macs. Trojan.SMSSend is a fake installer which can be downloaded from various sites under the guise of useful software.


Trojan.SMSSend programs are found in large numbers on the Internet. These are fake installers available on various sites disguised as distributions of legitimate software. When a user starts such an installer, they see the interface that imitates the installation wizard of a corresponding application. In order to continue the "installation" fraudsters ask that the victim enter their cellphone number into an appropriate field and then specify the code found in a reply SMS. By performing these actions the user agrees to terms of a chargeable subscription and a fee will be debited from their mobile phone account on a regular basis. Such installers usually contain meaningless data or the programs they are supposed to install, which in fact can be downloaded from official sites of their developers free of charge.

Trojans of this family used to plague Windows users, but Trojan.SMSSend.3666 targets owners of Apple computers. When the fake installer is launched, it displays the installation window of VKMusic 4 for Mac OS X, an application designed to listen to the music on a popular Russian social networking site. However, to activate the program, attackers traditionally require a cell phone number and a confirmation code.


As before, the malicious application is spread under the ill-famed "affiliate programme" ZipMonster that helps fraudsters craft such fake installers and assists in delivering payments to distributors of malware. It should be noted that Trojan.SMSSend.3666 is the first program of its kind that targets Mac OS X.

Doctor Web once again warns users against installing programs if they are required to submit their phone number or send a text message—most likely, you will lose money and end up with nothing. Moreover, you will most likely be able to find the program you want with a search engine and download it free of charge from an official site of its developers.

1 comment:

  1. Already fixed

    http://thenextweb.com/apple/2012/12/13/two-days-after-first-os-x-fake-installer-malware-found-apple-updates-definitions-to-fight-sms-scam/

    ReplyDelete