"DEAR FRIENDS OF RADIO"
As you may have read, a new piece of OS X malware has been discovered. Intego has named this malware the OSX.RSPlug.A Trojan Horse. Note that this malware is not a virus—it can’t self-propagate from one machine to another. It is, however, definitely malicious, and it’s packaged in a well-designed trojan horse wrapper.
Your machine could be infected if you’ve recently gone looking for some, um, less-than-flattering pictures of Britney Spears. Thinking you’ve found what you’re looking for, you click a video to watch it, only to see a message stating that your machine lacks the necessary codec. A disk image will then start downloading, and (depending on the settings on your machine) may then mount and launch an installer which asks for your admin password.
Rule #1: Do not install software from untrusted sources, especially if that software comes as an installer package and requests your administrator’s password! However, if you do proceed to run the installer, here’s what will happen:
- Sorry, but you won’t be able to watch those videos, as no codec was installed.
- Your DNS will be changed to point to malicious DNS machines. What this means is that even if you type
www.apple.com in your browser’s URL area, you may be taken there, to a phishing “clone” of that site, or to another site completely—such as a porn site. Where you wind up depends solely on how the malicious DNS machines are configured. If you consider ebay.com or paypal.com, for instance, the consequences may be dire.
- A cron job (scheduled task) will run every minute to restore the malicious DNS info, in case you change it.
This is really bad. Really. And even though it’s targeted at porn surfers today, the malware could easily be associated with anything else, like a new viral video site, or a site that purports to show commercials from the upcoming Super Bowl. Because this thing may spread to other such sites, we spent some time investigating the trojan—no, not its source sites!—to determine the best way to tell if you’ve been infected, as well as how to remove the software if you do find it on your machine. READ MORE HERE.
THIS IS A PUBLIC SERVICE MESSAGE FROM TGAMM FM RADIO 105.7
**************************************
MARILYN L MARTIN
PUBLIC SERVICE DIRECTOR
TGAMM FM RADIO 105.7
FAMILY FRIENDLY AND FAMILY APPROVED
**************************************
uVme
Lazzeo
ApSense
CitizenRe
BizzyBlogz
TrafficPods
Jerky Direct
ProfitYesterday
Web-Biz-Solutions
My-Easy-Promoter
AdsenseEliteTeam
|