Fake Installer Malware SMS Trojan Mac

A new Trojan for Mac is in the wild that mimics the actions of an installer. The malware tries to monetize the attack by having users enter their mobile phone numbers for the purpose of “activation” via a SMS message.

The detected threat called, “Trojan.SMSSend.3666″ was brought to light by Russian security firm Doctor Web. Previously, this fake installer scheme only existed on Windows.

How it works is when a user launches the fake installer on OS X, they are presented with the familiar interface of the installation wizard for an application:

Trojan.SMSSend.3666

In order to continue the installation process, the user is prompted to enter their cell number so they can input a code for activation that they will receive via SMS. By doing so, the user is charged a subscription fee debited to their mobile phone account on a regular basis.

VIA: The Next Web

Update: Apple has now updated its Xprotect.plist blacklist to allow OS X to detect and alert the user if downloaded.

Tagged with: , , , , , , , , ,
Posted in Macintosh

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

Enter your email address to follow this site and receive notifications of new posts by email.

Join 196 other followers

Categories
Flickr Photos
Archives
Colophon
wordpress com stats plugin
%d bloggers like this: