Mac Trojan in the wild asks you to download Quicktime codec - don't fall for it.

We interrupt this regular adbitching for a public service announcement. Since many adgrunts (soooo many) surf here on macs, and since this Trojan targets Quicktime users I reckon I should warn y'all. There's a trojan in the wild targeting macs specifically. It was only found on porn-sites a few weeks back but now it's making appearances on social sites where embedding of video is allowed - such as MySpace. The Trojan appearing on Alicia Keys page sounds exactly like the mac-trojan. The trojan reacts when you try to view a film, alerting you that "a quicktime codec is missing to play this movie" and giving you a link to download this codec. Once you download that, you'll have to double-click and install it of course, and then the Trojan resets your DNS so that you'll be directed to phishing sites on the web. I have a copy of this Trojan (one of my hobbies is to collects viruses, yeah I'm weird) and to a regular user it looks just like you're installing a Quicktime codec.

Once given root access, the trojan changes the computer's DNS settings to point to phishing sites or ads for other pornography sites. Even if the DNS is reset manually, a background task added by the trojan changes the DNS again automatically.

If you fear that your rig has become infected, Macworld has removal instructions.

Make sure that you don't get infected. To install Adobe Flash player 9 please go straight to the Adobe site. To get the latest Quicktime player please go straight to Apple's Quicktime download site. Never accept downloads from anywhere else. It's that simple. Don't install stuff from untrusted sources. Don't trust anyone but the makers of the software you should be using, not Myspace, not Ning, not Facebook. It doesn't matter how big and famous the site is, if they allow users to embed stuff from third party sites, they can be sending you malware. Kay?

Adland® is supported by your donations alone. You can help us out by buying us a Ko-Fi coffee.
Anonymous Adgrunt's picture
Files must be less than 5 MB.
Allowed file types: jpg jpeg gif png wav avi mpeg mpg mov rm flv wmv 3gp mp4 m4v.
Neo's picture

I haven't seen it yet but being an avid user of social sites, thanks for the heads up.