New Mac OS X malware variant spotted in the wild

Summary: Security researchers from Sophos have intercepted a currently circulating Mac OS X malware variant of the OSX/Imuler trojan horse.



OSX/Imuler-B uses images of supermodel Irina Shayk in an attempt to trick end users into executing the malicious application. The cybercriminals behind the campaign are relying on the fact that, by default, Mac OS X doesn't display full file extensions, and are therefore attempting to trick end users and corporate users into thinking that they're about to view a JPG image file.

Upon execution the malware will delete the original infection file and only leave an image file of Irina Shayk. It will also open a backdoor on the infected host, transferring private information from the infected host to a remote Web server.

End users and corporate users are advised to turn on the "Show all filename extensions" option in Finder in order to differentiate between file types and avoid interacting with malicious applications.
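The check below is an added example, not code from Sophos or from the article: it goes one step beyond the Finder setting by comparing how each item in a folder would be listed with what it actually is (an application bundle or a Mach-O executable). The file names, the `find_disguised` helper and the model of how a bundle is listed when extensions are hidden are assumptions; the page does not give the file names used by OSX/Imuler-B.

```python
import os
import tempfile

IMAGE_EXTS = {".jpg", ".jpeg", ".png", ".gif"}
# Mach-O magic numbers: thin 32/64-bit in both byte orders, plus fat/universal
# (the last value is shared with Java class files, so treat a hit as a lead).
MACHO_MAGICS = {b"\xfe\xed\xfa\xce", b"\xce\xfa\xed\xfe",
                b"\xfe\xed\xfa\xcf", b"\xcf\xfa\xed\xfe", b"\xca\xfe\xba\xbe"}

def real_kind(path):
    """Classify an entry by structure and content, never by its name alone."""
    if os.path.isdir(path):
        is_bundle = path.lower().endswith(".app") and os.path.isdir(
            os.path.join(path, "Contents", "MacOS"))
        return "application" if is_bundle else "folder"
    with open(path, "rb") as fh:
        head = fh.read(4)
    if head in MACHO_MAGICS:
        return "executable"
    return "jpeg" if head[:3] == b"\xff\xd8\xff" else "other"

def find_disguised(directory):
    """Return (name, shown_name, kind) for runnable items that look like images."""
    findings = []
    for name in sorted(os.listdir(directory)):
        kind = real_kind(os.path.join(directory, name))
        if kind not in ("application", "executable"):
            continue
        stem, ext = os.path.splitext(name)
        # Assumption: with extensions hidden, a bundle is listed without ".app".
        shown = stem if ext.lower() == ".app" else name
        if os.path.splitext(shown)[1].lower() in IMAGE_EXTS:
            findings.append((name, shown, kind))
    return findings

def demo():
    """Build a constructed download folder (sample names only) and scan it."""
    with tempfile.TemporaryDirectory() as d:
        os.makedirs(os.path.join(d, "holiday.jpg.app", "Contents", "MacOS"))
        os.makedirs(os.path.join(d, "Editor.app", "Contents", "MacOS"))
        with open(os.path.join(d, "real.jpg"), "wb") as fh:
            fh.write(b"\xff\xd8\xff\xe0" + b"\0" * 16)   # genuine JPEG header
        with open(os.path.join(d, "portrait.jpeg"), "wb") as fh:
            fh.write(b"\xcf\xfa\xed\xfe" + b"\0" * 16)   # Mach-O bytes, image name
        return find_disguised(d)

if __name__ == "__main__":
    for name, shown, kind in demo():
        print(f"{name!r} would be listed as {shown!r} but is an {kind}")
```

An ordinary application such as the constructed `Editor.app` is not reported, because its listed name does not end in an image extension; only name and type mismatches are.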


Dancho Danchev

About Dancho Danchev

Dancho Danchev is an independent security consultant and cyber threats analyst, with extensive experience in open source intelligence gathering, malware and cybercrime incident response.

  • What?

    Malware disguising itself as erotic pictures to trick users? Never. There is no need to worry though because at least it is not a virus.
  • Like Windows, one does not need to rely on file extensions.

    "The cybercriminals behind the campaign are relying on the fact that by default, Mac OS X doesn't display full file extensions" Because users understand what file extensions are and what they mean when they see them? Of course those very same users completely fail to understand the word "APPLICATION" in the column with the header "kind"?
    • So OS X users need to be careful about what they download and run?

      "Of course those very same users completely fail to understand the word "APPLICATION" in the column with the header "kind"?"

      We've been told that only Windows users have to be careful. Now we find out that no, this is not true. OS X users have to examine carefully the files they download and click on. Sounds like a dangerous OS for the computer newbie to use.
  • New Mac OS X malware variant spotted in the wild

    I've seen commercials saying this doesn't happen on a Mac. Now we have to go through the phase where Apple will deny it, then tell their tech support not to support it, then release signature updates to fix it.
    Loverock Davidson-
  • Another one?

    It has now reached the point where OS X users have to be very careful about what they download and run. Even Apple acknowledges this by integrating a malware scanner right into the kernel. You can't run OS X without running AV because you can't uninstall what Apple has bundled. Even worse, because Apple's AV isn't a particularly good AV product, uneducated OS X users would be wise to install a commercial AV product and since they can't disable or uninstall Apple's AV product, OS X can't safely be used without TWO AV products running at all times. At least on Windows, I can uninstall MSE.

    The old saying "out of the frying pan and into the fire" perfectly describes people who ran from Windows because they believed Apple's advertising message "no malware on OS X".
    • It's a need to worry

      Only stupid users fall for Trojans. Well unless they are Windows users then it is because the Operating System is less secure than MacOS.

      • You have to admit

        That a larger percentage of Windows users are stupid. The majority of minimum wage, and below minimum wage earners use Windows. In fact you'll find more Windows users that should never touch a computer, than the number of Mac OS X and Linux users combined.
        Jumpin Jack Flash
      • half right

        @Jumping Jack Flash
        Given the comparatively tiny number of OSX and Linux users (combined), you are probably correct that the total number of Windows users that should never touch a computer is higher than the total number of OSX and Linux users.

        OSX reminds me of finger paints - Designed to be the simplest, perfect for the target audience, and not to be taken seriously
    • I see

      The Apple hating troll is back. Question is, how long this screen name will last?
      Jumpin Jack Flash
      • Calling people trolls?

        Look at your uneducated comment above! Please bring us your facts and then we can talk about trolls, but as of now you are a troll as well. Try bringing something productive to the conversation than trying to boost your self-esteem by putting down any and all that use Windows! It's no wonder a large portion of the population despise the Apple fanboys that try to dictate your computing habits! Get a life and go have some fun outdoors, you really need it!
      • Be careful...

        Junpin Jack Flash will "flag" your post, as he/she usually does with those who disagree. EDIT [Six minutes later, I see you DID get your reply flagged. huh.] I fully expect this to get flagged.

        The truth is that the OS X (and iOS) is becoming a more lucrative target. Just follow the money. That's all the hackers do.

        There really are few active viruses (virii???) for ANY platform these days. Trojans and social exploits are much easier to create and distribute. All the operating systems are programmed by imperfect humans, and all of them can be hacked. There is no bullet-proof OS...well, maybe on a device that has never had or will have web access or the ability to load programs/apps.
      • WozNotWoz

        The truth of the matter is this. Unless you're a card carrying member of the Nothing But Microsoft club, you'll find your posts voted into oblivion. ZDNet refuses to correct this situation, and allows a disproportionate number of Microsoft employees to post on here. I fully expect this post will get voted into oblivion, not because it is full of lies and FUD, but because it does not fit the agenda, which is Microsoft is great, everything else is bad.
        Jumpin Jack Flash
    • In Apple's Defense they said no viruses on Mac OS X

      But they played on the people's universal definition of virus that to most encompasses all Malware and exploit attempts. Many people believe a phishing email to be a virus when there is no file in the email to even contain a virus and the only way they can be exploited is if they click the link and enter their information into the phishing page. Of course that is only the people that can recognize a phishing attempt in the first place which many cannot.

      Then there are the really ignorant people that bought a Mac and installed Windows on it and no antivirus and/or patches done because they were told that Apple computers did not get viruses and thought a virus (or malware) had something to do with the brand of computer. The point is that there are people in all walks of life that fall for these exploits and you have to be safe no matter what computing platform you choose to use.
    • Tosh

      Oh puh-leeze....I got far more bugs (not to mention the system crashes and freezes) in MS in 1 year than I have in 5 years on a Mac.
      • Be careful...

        You'll be labeled a hater, liar, and then get voted into oblivion.
        Jumpin Jack Flash
  • Irina Shayk?

    They couldn't have chosen Irene Demova instead?
    • Whoever modded me down

      is CLEARLY not a Chuck fan.

      • No it's a matter of...

        Mistaking you for a non conformist. Unless you claim everything Microsoft makes is perfect, and everything Microsoft doesn't make is crap, you'll get voted into the abyss.
        Jumpin Jack Flash
  • Let's face it

    Let's face it, as long as there is a computer someone will have a virus out for it. In this case it just took a long time for someone to figure out Apple programming. Truly all they did was mask what the file was and open a door for the hacker to do REAL damage. So to reference an earlier post NO ONE IS SAFE......get ANTI-VIRUS otherwise the large amount of viruses that get caught with AVs will continue to ravage and destroy people's computers. Having an AV prevents most viruses. Having one allows companies like Norton and Sophos to deal with the greater/newer threats. Keep in mind local AVs often get compromised so having an external/online AV is always a good idea.
    • RE: figure out Apple programming

      It has nothing to do with figuring out programming. It is the fact that Mac OS has become a target worth exploiting. If scammers and the people behind malicious software creation think a platform is worth exploiting they will find a way. It just so happens to be that it is easier to trick the user into installing a trojan or another piece of malware that can open the door to let other malicious items in and steal data compared to trying to break the OS or software through brute force means.