    TrendLabs Security Intelligence Blog

    Archive for the ‘Mac’ Category

    After tricking users into viewing ads through a Facebook scam, cybercriminals are again capitalizing on Steve Jobs's death through malicious spam. We were able to find spam that contains the text, "Steve Jobs Alive" or "Steve Jobs Not Dead." Another Steve Jobs-related spam message we saw was written in Portuguese and includes a short text about his death: The text in the message above roughly translates to the following: Subject: Creator of Steve Jobs of Apple's Mac, iPod and iPad dies Steve Jobs, died of cancer ...

    The current wave of Mac OS X FAKEAV infections follows a three-step process. To those familiar with Windows-based FAKEAV variants, the pattern in this infection chain will be quite familiar.

    1. Displays a "scanning page" from poisoned Google searches.
    2. Prompts the user to download a .ZIP file that contains a .PKG installer. This installer installs a downloader.
    3. The downloader downloads another .ZIP file that contains the actual FAKEAV .APP file.

    In step 2, the downloaded installer package (.PKG file) contains two notable files:

    • The downloader binary
    • A .PNG file

    The downloader binary is responsible for ...

    For some years now, FAKEAV variants have been plaguing Windows-based systems. Recently, this malware type has entered the Mac OS X scene. As with Windows-based FAKEAV variants, poisoned search terms are the most common Mac FAKEAV infection vectors. Take, for example, the following poisoned search result: Accessing the website while using a Mac will directly lead the user to the following page:

    The recently reported malware attacks against Mac users prompted Apple to release a security update. We did initial analyses of both the FAKEAV for Macs as well as the latest Apple security update in our previous blog entry. I've extracted the version of XProtect.plist (Apple's pattern file) to dig deeper into what's inside it. The Property List (.PLIST) file type is an .XML file that uses Apple's plist document type definition (DTD). .PLIST file types are standard parts of Apple's ...

    We recently reported about a blackhat search engine optimization (SEO) campaign that targeted not only Windows but Mac users as well. It has just been a few weeks since the role of Mac users as potential victims in the threat landscape has been increasingly established but more and more threats targeting Mac users are being found.

    FAKEAV for Mac

    The first case that got the attention of the security industry was a rogue antivirus called MacDefender, which is detected as OSX_FAKEDEF.M. The said malware reportedly ...


    © Copyright 2013 Trend Micro Inc. All rights reserved.