Topic: Experts warn of porn Mac attacks (OSX/Tored-A, OSX/Jahlav-C, Mac OS Tored worm)

[Samker]

Security experts have discovered two novel forms of Mac OS X malware.

OSX/Tored-A - an updated version of the Mac OS Tored worm - and a Trojan called OSX/Jahlav-C were both found on popular pornographic websites.

Users logging on to these sites are asked to download a "missing Video ActiveX Object" but are sent a virus payload instead.

While most viruses target PC users, there has been rise in the number of attacks on Mac systems.

Graham Cluley, a security expert with anti-virus firm Sophos, told the BBC that the small number of Mac viruses had made some users complacent.

"There is a lot less malware on Mac than for Windows, so Mac users sometimes feel invincible.

"Apple have marketed their system on the line of 'you won't suffer spyware like you would on Windows' and that has reinforced people's attitudes.

"And one thing we do know is that you are less likely to be running anti-virus software on a Mac than on a PC," he said.

Remote access

Sophos says that the OSX/Jahlav-C is an update to a previous version of Jahlav; it runs a script that "uses http to communicate with a remote website and download code supplied by the attacker".

Previously, the virus would download fake anti-virus software that would dupe users into buying a product that would not actually do anything and, warned Mr Cluley, would result in hackers obtaining credit card details. However, that has changed and at present the virus is not downloading any code.

"At the moment the virus is not managing to get that [fake anti-virus software] program, but because it is going to a site controlled by hackers, they can change it to download whatever they want," he said.

That could be keyloggers, data mining or adding the Mac to a future botnet.

Christopher Phin - deputy editor of Mac Format magazine - told the BBC that Mac users needed to be more aware of potential threats.

"The Apple community is guilty of peddling the line that they are removed from security issues.," he said

One of the reasons for this could be that while there are millions of viruses targeting the Windows operating system, it is thought there are less than 70 affecting Apple computers.

"The most useful thing people can do is educate themselves on best practice to avoid getting infected in the first place."

Mr Phin said that, for now, Mac users did not have the same need for anti-virus software that PC users did, although that could change in the future.

"I suspect we will see more creative and new ways of exploiting vulnerabilities on all formats and the greater Apple profile makes it more susceptible to being targeted," he said.

(BBC News)