Skip to comments.
More Mac Malware Spotted — Another attempt of the Video codec type trojan attack.
Digital Trends ^
| July 09, 2009
| by Christopher Nickson
Posted on 07/09/2009 10:48:37 PM PDT by Swordmaker
A new attack on the Mac OS X has been seen in the wild, as numbers of Mac malware grow.
So you thought that Mac was safe from malware? Its definitely time to think again. There might be nothing like the amount of malware there is for PCs, but the numbers are growing.
The latest is known as Puper, a Trojan that disguises itself as a video program for the fictional MacCinema system on OS X.
Researchers at McAfee Avert Labs have determined that the malware attack appears as a disk image, which then launches an installer application for the non-existent software. Once installed, the users computer is infected with a malicious script file called AdobeFlash.
This then launches itself punctually every five hours and tries to download, then launch, other malware on the system.
By pretending to be a video player or plug-in, the new malware uses the same system as other recent Mac attacks.
Although attack numbers remain small, Mac users are advised to still take basic security measures, including not downloading files or attachments they feel to be suspicious.
TOPICS: Business/Economy; Computers/Internet
KEYWORDS: malware; osx
It still requires the user to give permission to download it, run it for the first time, and an administrator name and password to install it. It's a trojan.
To: ~Kim4VRWC's~; 1234; 50mm; 6SJ7; Abundy; Action-America; acoulterfan; Aliska; aristotleman; ...
MacCinema Project.
Don't download it: It's a trojan horse. . . PING!
I think that brings the total number of Mac OS X Trojans to 15.

Mac Malware Ping!
If you want on or off the Mac Ping List, Freepmail me.
2
posted on
07/09/2009 10:51:46 PM PDT
by
Swordmaker
(remember, the proper pronunciation of IE is "AAAAIIIIIEEEEEEE!)
To: Swordmaker
“I think that brings the total number of Mac OS X Trojans to 15.”
Known mac os trojans......
/s
3
posted on
07/09/2009 11:05:46 PM PDT
by
JSteff
(It was ALL about SCOTUS. Most forget about that and HAVE DOOMED us for a generation or more.)
To: Swordmaker
A new attack on the Mac OS X has been seen in the wild, as numbers of Mac malware grow.
I never really heard of any self-replicating in the wild, but if maybe there was one and maybe now if there is two, then I guess you could say it is growing.
McAfee Avert Labs have determined that the malware attack appears as a disk image, which then launches an installer application for the non-existent software.
Oh wait a minute. I have to give it permission to install. I guess replicants would give it permission to install.
Although attack numbers remain small, Mac users are advised to still take basic security measures, including not downloading files or attachments they feel to be suspicious.
I assume that includes McAfee Fud virus software.
4
posted on
07/09/2009 11:06:23 PM PDT
by
PA Engineer
(Liberate America from the occupation media.)
To: Swordmaker
I've read about a few of these now, and they always say something about how it tried to download other malware onto the system. But it never says what that other malware does, or even whether it actually succeeds in downloading any.
To: Ha Ha Thats Very Logical
I've read about a few of these now, and they always say something about how it tried to download other malware onto the system. But it never says what that other malware does, or even whether it actually succeeds in downloading any. BINGO! We have a winner! Those that have been tested in security labs have failed to successfully download and install anything. To do so requires ROOT access or the administrator of the computer to enter his name and password to temporarily activate SUDO (SuperUser DO).
6
posted on
07/09/2009 11:46:12 PM PDT
by
Swordmaker
(remember, the proper pronunciation of IE is "AAAAIIIIIEEEEEEE!)
To: Swordmaker
Stay off the pron sites and you won’t have to worry about these.
To: miliantnutcase
Stay off the pron sites and you wont have to worry about these. If I have to download some non-standard file codec or video viewer to see the pron, then there is something decidedly phishy about the site.
8
posted on
07/09/2009 11:59:30 PM PDT
by
Swordmaker
(remember, the proper pronunciation of IE is "AAAAIIIIIEEEEEEE!)
To: miliantnutcase
I thought trojans protected you on those sites.
9
posted on
07/09/2009 11:59:58 PM PDT
by
gitmo
(History books will read that Lincoln freed the slaves and Obama enslaved the free.)
To: PA Engineer
"I never really heard of any self-replicating in the wild, but if maybe there was one and maybe now if there is two, then I guess you could say it is growing."
100% growth rate!! We're all gonna die!!
10
posted on
07/10/2009 12:29:12 AM PDT
by
RightOnTheLeftCoast
(1st call: Abbas. 1st interview: Al Arabiya. 1st energy decision: halt drilling in UT. Arabs 1st!)
To: gitmo
I think they come from Denmark...
11
posted on
07/10/2009 5:51:58 AM PDT
by
WVKayaker
(Words are plentiful, but deeds are precious.- Lech Walesa)
To: gitmo
To: Swordmaker
The article says Adobe Flash is malicious script. I thought Flash is a real Adobe product?
13
posted on
07/11/2009 7:59:04 AM PDT
by
Peanut Gallery
(The essence of freedom is the proper limitation of government.)
To: Peanut Gallery
Flash is a real Adobe product. This malware is trying to disguise itself that way.
To: Peanut Gallery
Flash is a real Adobe product. This malware is trying to disguise itself that way.
Disclaimer:
Opinions posted on Free Republic are those of the individual
posters and do not necessarily represent the opinion of Free Republic or its
management. All materials posted herein are protected by copyright law and the
exemption for fair use of copyrighted works.
FreeRepublic.com is powered by software copyright 2000-2008 John Robinson