Trend Micro Facebook TrendLabs Twitter Malware Blog RSS Feed You Tube - Trend Micro
Search our blog:

  • Mobile Vulnerabilities

  • Zero-Day Alerts

  • Recent Posts

  • Calendar

    August 2015
    S M T W T F S
    « Jul    
  • Email Subscription

  • About Us

    Before the August 28 official release of Apple’s OS X Snow Leopard, cybercriminals are already hitchhiking on this to proliferate their malicious activities. Earlier today, Advanced Threat Researcher Feike Hacquebord discovered several fake sites that supposedly give Mac users free copies of the newest version of the Mac OS, Snow Leopard. However, accessing these malicious sites land users to a DNS changer Trojan detected by Trend Micro as OSX_JAHLAV.K.

    Once executed, OSX_JAHLAV.K decrypts codes, which include a script that downloads other malicious scripts. The said script then alters the DNS configuration and includes two additional IP addresses in its DNS server. Users are thus possibly redirected to phishing sites and other fraudulent sites. In fact, some of these bogus sites are reportedly hosting FAKEAV (rogue antivirus) variants and components.

    As of this writing, all malicious URLs are already blocked by Trend Micro. Users are strongly advised to get only the latest Snow Leopard update directly from the Apple site, as well as consider using Trend Micro Smart Surfing for Macs.

    Share this article
    Get the latest on malware protection from TrendLabs
    Email this story to a friend   Technorati   NewsVine   MySpace   Google   Live   StumbleUpon


    © Copyright 2013 Trend Micro Inc. All rights reserved. Legal Notice