Saturday, May 21, 2011

Nefarious Mac OS X Attack

This is one of the most clever attacks on Mac OS X that I've seen in the wild.

I was searching Google for photos of Kelly McGillis since I had driven by "her" Top Gun house earlier this evening. When I clicked on several of the top results from Google, the following webpage came up and a ZIP file containing a trojan started downloading.

At first glance, this download might look legit to the casual user, but it's not. Fortunately, nothing bad can happen just by visiting websites like this one.

This type of attack is not a virus since it doesn't spread on its own. But, as with most social engineering attacks, people could be duped into thinking that they might need to install the application that was just downloaded. After unzipping this file, you'd have to double-click the installer and then grant it administrative access to install this malware on your computer. Falling victim to this attack requires that a user take several deliberate steps, but that could easily happen if you thought this was a software update from Apple.

While attacks like this aren't uncommon, it's interesting that the attacker was able to figure out how to poison Google's search algorithm into returning their nefarious websites at the top of the list.
