Hackers have launched a rare and troubling attack on Apple Inc.'s computers.
Apple on Thursday confirmed reports of pornography Web sites where hidden software, once downloaded, could take control of an Apple computer. Apple did not immediately respond to claims that it is the first instance of a Trojan horse attack on Apple's Macintosh platform.
"We've been made aware that a small number of Web sites attempt to trick Mac OS X users to install malicious software on their Macs," said Apple spokeswoman Lynn Fox. "Apple has a great track record for keeping Mac OS X users secure, and as always, we encourage people to install software only from trusted sources."
The timing of the Trojan horse suggests there are more to come, say some computer and Internet security professionals. As Apple's popularity rises, "the bad guys are taking Macs seriously now," wrote Bojan Zdrnja, of the Internet Storm Center, which is led by the Escal Institute of Advanced Technologies.
After confirming the claims reported by computer-security firm Intego, Symantec engineer Joji Hamada wrote on Symantec's Web site of suspicions that a wave of attacks and viruses are due. "If we see a rise in Mac malware, then we will have to assume that there are profits to be made in malware for Macs as well," he wrote. "Stay tuned."
Mac is the primary target of a new Trojan malware attacking Apple computers. The fake codec trojan was identified by Intego, a maker of Internet security software for the Mac.
A fake codec pretends to be a free video codec, often posted on a pornography site to fool victims into installing it. It's not a video codec at all, but a piece of malware intended to compromise with the victim's machine. Although there are many Microsoft Windows-based fake-codec Trojans posted
on porn Web sites, Intego's find is genuinely believed to be the first Mac-based fake codec of its type.
Antispyware company Sunbelt Software claims that it is the first fake codec for the Apple Mac. They say that the author of the fake code used social-engineering tactics to get someone to download it. This one changes the desktop DNS to hijack it and redirect the user to various sites.
Trojans typically are harmless but there are ones out there that will hijack and corrupt data files. In some cases, the computer user will have to reinstall their operating system to eliminate the trojan.
Porn sites are notorious for malware campaigns by using trojans to get the pc user to buy something. Professional malware writers are actually paid by companies to create such practices