- home
- reviews
- news
- downloads
- cnet tv
On TechRepublic: Five super-secret features in Windows 7
- log in
- join CNET
- welcome,
- my profile
- log out

CNET.com

Check out the Dell Store on CNET

MacFixIt

September 1, 2009 11:50 AM PDT

Mac Malware Update: Unauthorized downloads of Snow Leopard infested with Trojans

by Joe Aimonetti

Font size
Print
E-mail
Share
7 comments

Several Web sites have sprung up over the last couple days offering users free upgrades of Apple's latest operating system, Mac OS X 10.6 Snow Leopard. Of course, these sites are socially engineered ploys to trick users into downloading malicious software.

Much like the iWork '09 and Adobe CS4 infected install packages we reported on in the spring, these Snow Leopard download sites are enticing users to get a free copy of the popular software, only to add a malicious version of a DNS Changer Trojan to their Mac.

TrendMicro has reported the threat on their blog:

Once executed, OSX_JAHLAV.K decrypts codes, which include a script that downloads other malicious scripts. The said script then alters the DNS configuration and includes two additional IP addresses in its DNS server. Users are thus possibly redirected to phishing sites and other fraudulent sites. In fact, some of these bogus sites are reportedly hosting FAKEAV (rogue antivirus) variants and components.

Users are advised to only obtain copies of Mac OS X 10.6 Snow Leopard from Apple directly, or other trusted retailers.

Experiencing problems? Have feedback? Let us know!
You can now follow MacFixIt on Twitter!

Resources

More from Late-Breakers

Joe is a seasoned Mac veteran with years of experience on the platform. He reports on Macs, iPods, iPhones and anything else Apple sells. Before joining CNET, he even worked in Apple's retail stores. He's also a creative professional who knows how to use a Mac to get the job done.

Topics:: News,; Troubleshooting

Tags:: Late-Breakers,; snow,; leopard

Share:: Digg; Del.icio.us; Reddit; Facebook

Recent posts from MacFixIt: Snow Leopard: iChat restricting minimum chat window width; Hack enables 10.6.2 on Atom processors; Weekly Utilities Update: WhatSize, CoolBook, VisualRoute, more...; Overcoming missing Appletalk printer connectivity in Snow Leopard; Terminal fun: Options for printing folder and subfolder contents; Aperture How-To: Add a watermark to your photographs; Snow Leopard: Finder not opening files when double-clicked; Software Updates: Apple LED Display iSight Firmware; Browsers

Add a Comment (Log in or register) (7 Comments)

prev
1
next

by steve910 September 3, 2009 8:47 AM PDT

If you can't afford $29, you deserve it.

Like this Reply to this comment


by DragonWizard September 8, 2009 9:28 AM PDT: I agree whole heartedly.. what a bunch of cheapo's !!!; Like this


by Seaspray0 September 15, 2009 10:07 PM PDT: +1; Like this


by appledogx--2008 October 1, 2009 7:23 AM PDT: As a developer, I loathe pirated software, but applauding people putting trojans in ANY software for ANY reason is just plain sick. The Mac platform has been largely free of these, but popularity also attracts sickos who write trojans and viruses. You may be applauding out the other end in a couple of years as you pile on software to keep the junk out, just as Windows users have to do today.

Boo!; Like this


by DragonWizard September 8, 2009 9:26 AM PDT: OK...glad I waited for it, regardless of the temptation these folks were hoping for.... it only cost me 10 dollars to upgrade on my new Mac Pro so I think because of the very cheap price that people stealing it are being just a little bit miserly and may have got what they did (or did not) pay for.. this news will definitely benefit apple, who are the only ones you can count on for a clean version..; Like this Reply to this comment


by joe.mckenna September 9, 2009 2:54 AM PDT: It's an old cliche "but you get what you pay for"; Like this Reply to this comment


by PSmith October 27, 2009 11:50 AM PDT: Frankly, I'm surprised it took this long for the "bad guys" to start loading malware into pirated Mac software. Since the Mac OS is not vulnerable to "drive-by" viral infections and other weaknesses of the Windows platform, social engineering like this is the simplest way to infect a Mac.; Like this Reply to this comment

(7 Comments)

prev
1
next

Navigate MacFixIt

Help
- Hardware
  - iMac,
  - Mac mini,
  - Mac Pro,
  - Macbook,
  - Xserve,
  - AirPort
- Mac OS
  - Snow Leopard,
  - Leopard,
  - Tiger,
  - Panther,
  - Jaguar,
  - Puma,
  - Cheetah,
  - OS 9
- Software
  - iTunes,
  - iPhoto,
  - iMovie,
  - iWork,
  - Backup,
  - Security,
  - Printer

Archives
- Reviews
- News
- Tutorials
- Troubleshooting
- Musings

Utilities

Forums

Click Here

About MacFixIt

MacFixIt is CNET's troubleshooting resource for all things Mac. The information here helps you navigate the ins-and-outs of Mac ownership with how-tos, troubleshooting information, news, reviews, and more.

Add this feed to your online news reader

MacFixIt topics

Reviews & advice: Site map; Editorial policies; Meet the editors; How we test; Forums; Internet speed test

Popular topics: Apple iPhone; Apple iPod; Cell phones; Dell; GPS; LCD TV

CNET sites: CNET Site map; CNET TV; Downloads; News; Reviews; Shopper.com

More information: Newsletters; CNET Mobile; Customer Help Center; RSS; CNET Widgets; About CNET

sponsored

TOP PRODUCTS FROM TOP BRANDS

©2009 CBS Interactive Inc. All rights reserved.
Privacy Policy (updated)
Terms of Use
Visit other CBS Interactive sites:

#networkSites {display:none;}BNET | CHOW | CNET.com | CNET Channel | GameSpot | International Media | mySimon | Search.com | TechRepublic | TV.com | ZDNet

My Lists
My software updates
log in | join CNET