x404.co.uk - View topic - New OS X DNS changer

View unanswered posts | View active topics It is currently Thu Jul 17, 2025 2:22 pm

New OS X DNS changer

Moderators: saspro, HeatherKay, timark_uk, Blue_Nowhere, l3v1ck

Page 1 of 1

[ 6 posts ]

Print view

Previous topic | Next topic

New OS X DNS changer

Author

Message

ProfessorF

What's a life?

Joined: Thu Apr 23, 2009 7:56 pm
Posts: 12030

New OS X DNS changer

Another threat relying on the ol' 'Check-The-Box-To-Install-Malware' vector:


	Quote: TrendMicro is reporting on a newly discovered 4th member of the OSX_JAHLAV malware family. The latest variant is once again relying on social engineering, this time spreading under a QuickTime Player update (QuickTimeUpdate.dmg) with a DNS changer component enabling the malware authors to redirect and monitor the traffic of the victim. More info on OSX_JAHLAV.D: The Trojan contains component files detected as UNIX_JAHLAV.D and obfuscated scripts detected as PERL_JAHLAV.F. The Perl script then downloads a file from a malicious site and stores it as /tmp/{random 3 numbers}, detected as UNIX_DNSCHAN.AA, which allows a malicious user to monitor the affected user’s activities. This may also cause the user to be redirected to phishing sites or sites where other malware may be downloaded from.

Source

_________________
www.alexsmall.co.uk


	Charlie Brooker wrote: Windows works for me. But I'd never recommend it to anybody else, ever.

Wed Aug 12, 2009 9:54 pm

jonbwfc

What's a life?

Joined: Thu Apr 23, 2009 7:26 pm
Posts: 17040

Re: New OS X DNS changer

So you'd have to download an update to quicktime via some method other than software update to get this? Why do that?

Unless of course you thought you were getting quicktime pro without having to pay for it....

Jon

Thu Aug 13, 2009 1:47 pm

bobbdobbs

I haven't seen my friends in so long

Joined: Thu Apr 23, 2009 7:10 pm
Posts: 5490
Location: just behind you!

Re: New OS X DNS changer


	jonbwfc wrote: So you'd have to download an update to quicktime via some method other than software update to get this? Why do that?

because mr or mrs or ms or esquire etc average doesnt think that everything is dangerous and all too often will just click OK.

_________________


	johnwbfc wrote: I care not which way round it is as long as at some point some sort of semi-naked wrestling is involved.


	Amnesia10 wrote: Yes but the opportunity to legally kill someone with a giant dildo does not happen every day.

Finally joined Flickr

Thu Aug 13, 2009 2:21 pm

gavomatic57

Doesn't have much of a life

Joined: Thu Apr 23, 2009 8:30 pm
Posts: 1757
Location: Cardiff, Wales

Re: New OS X DNS changer


	jonbwfc wrote: So you'd have to download an update to quicktime via some method other than software update to get this? Why do that? Unless of course you thought you were getting quicktime pro without having to pay for it.... Jon

I'm no expert on this, but it may also catch the hackintoshers who can't get software update to work!

_________________
G.

Thu Aug 13, 2009 3:15 pm

saspro

Site Admin

Joined: Thu Apr 23, 2009 5:53 pm
Posts: 8603
Location: location, location

Re: New OS X DNS changer

It's hidden inside some pirate software.

_________________
Support X404, use our Amazon link
Get your X404 tat here


	jonlumb wrote: I've only ever done it with a chicken so far, but if required I wouldn't have any problems doing it with other animals at all.

Thu Aug 13, 2009 3:33 pm

themcman1

Doesn't have much of a life

Joined: Thu Apr 23, 2009 6:54 pm
Posts: 572

Re: New OS X DNS changer

People will install it because you can't get a virus on a Mac. Ever.

Fri Aug 14, 2009 8:15 pm

Page 1 of 1

[ 6 posts ]

Who is online

Users browsing this forum: No registered users and 9 guests

You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum