Ever since the MacDefender epidemic died down when the ChronoPay offices were raided, it’s been quiet in the way of Malware attacks on the Mac, except for one, new, pesky, trojan discovered earlier this month. This new trojan known as “OSX.QHost.WB.A” pretends to be an installer for Adobe Flash Player, which actually modifies certain OS host files to redirect users accessing certain Google sites (such as Google.com.tw) to an IP address located in the Netherlands.
The IP address (91.224.160.26) users are redirected to, is itself a fake Google page, and the search results from this fake Google search bring forth pop-up windows that would presumably host advertisements. However, at the time this trojan was discovered, the pop-up windows were broken, and showed no content.
Granted this isn’t a serious threat, but it could be problematic for less savvy users who wouldn’t know they’re being duped into installing a trojan, and why they are suddenly getting pop-up ads from Google (which of course is fake too).
In response to this threat, Apple has since updated their anti-malware definitions, which were started and updated regularly with MacDefender outbreak, to combat this new trojan. It’s also worth remembering at this time, that Mac OS X Snow Leopard was updated earlier this year to make daily checks for new malware definitions (which formerly had to be done manually), and now Lion does much the same. The updates Apple releases will warn users about malicious attacks, if they try to download malevolent software.
It seems that Apple is on top of things when it comes to Malware. Plus, there still aren’t any viruses on a Mac.
Image of fake installer courtesy of F-Secure.com
Continue reading:
- Everything New Apple Just Announced (Septembe
- Apple Watch Pre-Order
- Apple Research Kit launches with 5 Apps
- Apple TV now only $69
TAGS: anti-malware definitions, Trojan
