September 1, 2009 11:50 AM PDT

Mac Malware Update: Unauthorized downloads of Snow Leopard infested with Trojans

by Joe Aimonetti
Several Web sites have sprung up over the last couple of days offering users free upgrades to Apple's latest operating system, Mac OS X 10.6 Snow Leopard. Of course, these sites are social-engineering ploys to trick users into downloading malicious software.

Much like the infected iWork '09 and Adobe CS4 install packages we reported on in the spring, these Snow Leopard download sites entice users with a free copy of the popular software, only to add a malicious version of a DNS Changer Trojan to their Mac.

TrendMicro has reported the threat on their blog:

"Once executed, OSX_JAHLAV.K decrypts codes, which include a script that downloads other malicious scripts. The said script then alters the DNS configuration and includes two additional IP addresses in its DNS server. Users are thus possibly redirected to phishing sites and other fraudulent sites. In fact, some of these bogus sites are reportedly hosting FAKEAV (rogue antivirus) variants and components."

Users are advised to only obtain copies of Mac OS X 10.6 Snow Leopard from Apple directly, or other trusted retailers.
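
Because the Trojan's visible effect is extra DNS server entries, one way to check a Mac is to compare its configured resolvers against the ones you expect. The script below is an added example, not code from this article or from TrendMicro; the function names, the allowlist and the sample addresses (documentation-range placeholders) are assumptions, and the input format assumed is the output of `scutil --dns`.

```shell
#!/bin/sh
# Added example: flag DNS resolvers that are not on an expected list.
# Assumed input: `scutil --dns` text, where resolver lines look like
#   "  nameserver[0] : 192.168.1.1"

# Print each distinct resolver address found in scutil-style text on stdin.
list_nameservers() {
    awk '$1 ~ /^nameserver/ && $2 == ":" { print $3 }' | sort -u
}

# unexpected_nameservers "<space-separated allowlist>"
# Reads scutil-style text on stdin and prints every resolver that is
# missing from the allowlist, one per line. Prints nothing when clean.
unexpected_nameservers() {
    allowed=" $1 "
    list_nameservers | while read -r ip; do
        case "$allowed" in
            *" $ip "*) ;;                 # expected resolver, ignore
            *) printf '%s\n' "$ip" ;;     # not on the list, report it
        esac
    done
}

# Constructed sample (not captured from an infected machine): the router's
# resolver plus two extra entries, as the quoted description suggests.
SAMPLE_DNS='DNS configuration

resolver #1
  nameserver[0] : 192.168.1.1
  nameserver[1] : 203.0.113.10
  nameserver[2] : 203.0.113.11
  order   : 200000

DNS configuration (for scoped queries)

resolver #1
  nameserver[0] : 192.168.1.1
  if_index : 4 (en0)
'

# Demo on the constructed sample; the allowlist here is an assumption.
# On a Mac, replace the printf with:  scutil --dns
printf '%s' "$SAMPLE_DNS" | unexpected_nameservers "192.168.1.1"
```

Any address this prints should be checked against what your router or ISP actually hands out before it is treated as a sign of tampering.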

Joe is a seasoned Mac veteran with years of experience on the platform. He reports on Macs, iPods, iPhones and anything else Apple sells. Before joining CNET, he even worked in Apple's retail stores. He's also a creative professional who knows how to use a Mac to get the job done.
    by steve910 September 3, 2009 8:47 AM PDT
    If you can't afford $29, you deserve it.
    by DragonWizard September 8, 2009 9:28 AM PDT
    I agree wholeheartedly... what a bunch of cheapos!!!
    by Seaspray0 September 15, 2009 10:07 PM PDT
    +1
    by appledogx--2008 October 1, 2009 7:23 AM PDT
    As a developer, I loathe pirated software, but applauding people putting trojans in ANY software for ANY reason is just plain sick. The Mac platform has been largely free of these, but popularity also attracts sickos who write trojans and viruses. You may be applauding out the other end in a couple of years as you pile on software to keep the junk out, just as Windows users have to do today.

    Boo!
    by DragonWizard September 8, 2009 9:26 AM PDT
    OK... glad I waited for it, regardless of the temptation these folks were hoping for... it only cost me 10 dollars to upgrade on my new Mac Pro so I think because of the very cheap price that people stealing it are being just a little bit miserly and may have got what they did (or did not) pay for... this news will definitely benefit Apple, who are the only ones you can count on for a clean version.
    by joe.mckenna September 9, 2009 2:54 AM PDT
    It's an old cliche "but you get what you pay for"
    by PSmith October 27, 2009 11:50 AM PDT
    Frankly, I'm surprised it took this long for the "bad guys" to start loading malware into pirated Mac software. Since the Mac OS is not vulnerable to "drive-by" viral infections and other weaknesses of the Windows platform, social engineering like this is the simplest way to infect a Mac.