F-secure has noticed a trend that more malware is being spread though FTP. As most can remember when viruses and other nasties were spread through email attachments, well that’s be fairly well defeated. Then came the drive-by-downloaders which use http to transfer the infectious payload, that’s been slowing down since browsers have evolved. Now though there is a new way to become infected, through trusty old FTP. How this happens is that a user receives a spam email with some links claiming they have an offer which can’t be refused and as we all know most really can’t refuse it. So the unsuspecting user clicks the link and a ftp connection to some bot-net controlled computer is initiated and some infected files downloaded. So now there is one more thing to scan for in your emails.

Yes you heard right. The first malware written for the Mac has been named OSX.RSPlug.A by Intego (a Mac-security company). The malware is disguised as a video-codec that users are tricked into installing in order to watch nasty movies. This malware is written to hijack DNS of the machine it’s installed on, redirecting their web requests to another web page. The thing about this is it only redirects users who attempt to visit one obscure adult website. It could be alot worse, it could have spoofed bank sites, paypal, or ebay.

This malware doesn’t exploit a hole in the Mac OS, instead it relies on good old social engineering. McAfee researchers have already found this on 65 websites, so this is becoming widespread fast. Security has never been a priority to Apple, soon all types of nasty software will exploit holes that do exist in the OS.

Security researcher Gadi Evron
“Apple’s day has finally come, and Apple users are going to get hit hard, OS X is the new Windows 98.”

Source: Wired