Trend Micro Facebook TrendLabs Twitter Malware Blog RSS Feed You Tube - Trend Micro
Search our blog:

  • Recent Posts

  • Calendar

    August 2014
    S M T W T F S
    « Jul    
     12
    3456789
    10111213141516
    17181920212223
    24252627282930
    31  
  • About Us

    Nov1
    3:37 am (UTC-7)   |    by

    ZLOB Trojans, which proliferated in 2006, are known for using fake codec downloads as their social engineering technique to entice users into downloading the malicious software on their systems. Initially, they are also known to affect Windows-based platforms only. Today, this Trojan family seems to be crossing over to the “other side”.

    Intego, who recently partnered with Trend Micro to directly distribute Mac security products, tipped Macworld of the existence of a ZLOB Trojan that affects Mac OS X. Intego reports that the malware disguises itself as video program that when opened, displays a message that a codec is needed to run the program properly. In the background, however, it downloads then launches an installer that asks the user to enter administrator password. ZLOB variants are notorious for this type of routine. Thus, Trend Micro detects the said malware as TROJ_ZLOB.GAF.

    It can be downloaded from the Web site http://{BLOCKED}tracodec.com/download/ and arrives as a .DMG file, the common format used by Mac installers. Depending on the IP address that downloads the Trojan, this Web site gives back a copy of the Trojan with a different MD5sum. Note that Trend Micro created the detection OSX_ DNSCHAN.A for the DMG file and UNIX_DNSCHAN.A for the Bash script file inside the said DMG.

    Malware are crossing over. Mac fandom, beware!

    Data provided by Trend Micro Senior Software Engineer Feike Hacquebord. Additional information from Elizabeth Bookman





    Share this article
    Get the latest on malware protection from TrendLabs
    Email this story to a friend   Technorati   NewsVine   MySpace   Google   Live   del.icio.us   StumbleUpon






     

    © Copyright 2013 Trend Micro Inc. All rights reserved. Legal Notice