Video malware targets Mac users

Malware hidden in code on an adult video site targets Macs as well as PCs, a sign Apple fans should no longer consider their systems safe from attack, according to experts
Written by Andrew Donoghue, Contributor

Mac users surfing for adult content are being warned to be on the watch for malware, after security researchers revealed the threat poised by fake video codec software.

Security experts from Sophos said on Thursday that Apple computer users should no longer consider their systems safe from viruses and other malware, as hackers are continuing to target the platform as it increases in popularity.

"Although there is much less malware for Mac OS X than there is for Windows, that's going to be little consolation if your shiny new MacBook gets infected. Many in the Mac community have had their heads buried in the sand for too long about the real nature of the threat," said Graham Cluley, senior technology consultant for Sophos said.

Cluley's comments follow the recent emergence of a new version of the Jahlav Trojan horse which Sophos, and other researchers including ParetoLogic, say is being distributed via a site posing as a portal for adult videos. The site encourages Mac users to download additional software — video codecs — to be able to view the content on the site. However, the code contains malware.

"It is becoming more and more common for hackers to use social-engineering tricks, like telling surfers that they need to download a plug-in on their Mac to watch a video, to weasel their way onto computers," said Cluley. "Some Mac users may have thought that it was safe to surf for adult content on their Apple Mac, but they were wrong."

However, the video-codec malware is not only being used to target Mac users, according to Sophos; Windows users are also at risk. The booby-trapped site determines if the victim's web browser is running on Windows or Mac OS X, and serves up malware specifically designed for the visitor's operating system, Cluley said.

Once malware such as the Jahlav Trojan has been downloaded onto a computer, it can be used by hackers to gain control of the system. The compromised machine could then be enlisted into a botnet network, which can be used to launch denial-of-service attacks against online or cloud services, or to send out spam.

Apple was approached for comment on the issue but did not reply in time for this article. However, although Apple has been relatively silent on the issue of virus protection for its OS X platform, the company did comment on Mac security on its site for the newly launched Snow Leopard version of the operating system.

"The Mac is designed with built-in technologies that provide protection against malicious software and security threats right out of the box. However, since no system can be 100 percent immune from every threat, antivirus software may offer additional protection," Apple states on its site.

Editorial standards