Sophos is warning Apple Mac users to be on their guard against websites hosting malicious code designed to infect their systems. The advice follows the discovery of a new version of the OSX/RSPlug Trojan horse that is being distributed via a legitimate-looking website offering HDTV software.
"While there is much less malware for the Apple Mac than for Windows, it doesn’t mean that Apple fans can avoid the issue," says Brett Myroff, CEO of regional Sophos distributor, Sophos South Africa.
"Mac users are no different to Windows users when it comes to falling for social engineering tricks like this – they are just as likely to install and run this program on their computer if they believe it will help them watch high definition TV."
Sophos notes that the criminal gang behind this malware attack is targeting Windows computers as well as Mac OS X.
If a user visits the website from a Windows computer, it will serve up a malicious Windows executable from the Zlob family of malware rather than the RSPlug-F Mac OS X Trojan horse.
“By targeting both platforms with their malicious website, the hackers can kill two birds with one stone," says Myroff. "Once a piece of malware such as this in place on a user’s computer, it can do whatever the hacker wants it to do. Mac users are gambling with the security of their data if they believe they are somehow immune from threats that Windows users have been living with for years."
Sophos experts have determined that the RSPlug-F Trojan horse changes DNS Settings on Apple Mac computers, meaning users may find they are taken to bogus websites which may attempt to steal personal information, display revenue-generating adverts, or install further malware.