pretend Flash player trojan installer
while things have been rather quiet on the malware entrance for OS X because a raid on Russian payment processing agency ChronoPay looked as if it would have taken down MacDefender virtually two months ago, one new bug did pop up earlier this month. As particular through F-stable, the trojan referred to as “OSX.QHost.WB.A” masquerades as a Flash player installer however if truth be told provides entries to a computer’s hosts file to redirect users making an attempt to consult with sure Google websites.
once installed, the trojan provides entries to the hosts file to hijack customers touring more than a few Google sites (e.g., Google.com.tw, Google.com.tl, et cetera) to the IP handle ninety one.224.one hundred sixty.26, which is positioned in Netherlands.
The server at the IP handle displays a fake webpage designed to look just like the authentic Google web page.
Search outcomes on the faux Google pages in fact lead to pop-up home windows that load external content material which used to be damaged on the time of discovery however possibly consisted of commercials of some kind. whereas the possibility as carried out on the time of discovery used to be quite gentle, inexperienced customers falling for the trojan may in finding themselves ignorant of what had took place to their programs and the way to restore the hijacked routing introduced through the malware.
as a result, Apple previous this week made its first vital addition to its “XProtect.plist” file since the spate of MacDefender versions surfaced in June. The XProtect.plist file accommodates malware definitions to enable users’ methods to recognize and warn customers of malicious downloads, a feature that debuted with Mac OS X Snow Leopard back in 2009.
the unique anti-malware machine required manual updates to account for new threats, and as such was once updated handiest hardly with the aid of Apple as part of better instrument updates. but with an Apple instrument update issued in response to the MacDefender risk previous this 12 months, Mac OS X methods are actually ready to make daily checks for updates to that file to ensure up-to-date safety in opposition to malware.
contemporary Mac and iOS weblog tales
• chinese govt Finds 22 extra faux Apple retailers
• Rogers staff beginning 'Pre-Launch training' for iPhone 5
• Apple shipping Lion recovery USB Keys, not on the market but
• Viacom and Cablevision Settle Lawsuit Over are living tv on iOS Apps
• page 2: fake Apple iPhone 5 website 'Leak' Video
more: persevered here