ID: IRCNE2012121705
Date: 2012-12-17
According to "cnet", the Russian security firm Dr. Web has uncovered another malware attempt on OS X systems that tries to exploit users with SMS fraud.
The new malware is a Trojan horse, dubbed "Trojan.SMSSend.3666," and is part of a family of Trojan malware for Windows and other platforms that have affected Windows users for years.
As with all Trojans, these pose as legitimate programs that are made available for download from a number of underground Web sites, with this current one for OS X appearing to be an installer for a program called VKMusic 4, a utility whose legitimate version is used for communication between machines on a European social network called VK.
During its installation, the malware triggers an SMS fraud routine where it asks users to enter cell phone numbers, then sends them SMS messages to confirm, which then subscribes the users to a scam that charges high fees for junk messages being sent to their phones.
Unlike recent malware targeted at OS X, this one is not a Java-based attempt to hack the system and install dropper programs that open backdoor access to the system. This one is built as a Mach-O binary that uses the OS X native runtime.
As with other recent malware for OS X, this one appears to be built specifically to fool those that use the European VK social network, as opposed to being a more widespread attempt, as was seen with the MacDefender malware.
- 2