Two new Mac attacks surface

Trojans target Mac OS users, including one hidden in a porn site.

June 11, 2009 1:56 PM PDT Follow @elinormills

This is the message visitors to the porn site get which tricks them into installing an ActiveX object to watch a video but instead downloads a Trojan. This screenshot shows a Windows machine, but the malware targets Macs too.

(Credit: Paretologic)

Security experts have discovered two new attacks targeting Mac users, a new version of a worm and a Trojan hidden inside a porn site.

Antivirus firm Sophos on Wednesday discovered a new version of the Mac OS X Tored worm, according to a Sophos blog post.

On Tuesday, Paretologic warned about a porn site that was downloading malware that targets both the PC and the Mac. Mac users get redirected to the pagemac.php page, which downloads a QuickTime.dmg file, the blog post says.

Sophos explained in blog post on Thursday that visitors to the malicious porn site are told they have to download an ActiveX component to view the videos. Instead, a Trojan, dubbed OSX/Jahlavc, gets downloaded.

"As we've demonstrated before, and as we'll no doubt explain again, the Mac malware threat is real," writes Sophos security researcher Graham Cluley. "Hackers are deliberately planting malicious code on Web sites, and using social engineering tricks to fool you into installing it onto your computer."

An Apple spokesperson did not immediately respond to a request for comment.

News

Yahoo revives Flickr with photo-centric redesign, 1TB free storage

Yahoo's CEO Marissa Mayer unveils an update to the company's Flickr photo-sharing site. Among the changes are a redesign with larger images, the ability for users to upload full-resolution photos, and 1TB of free storage for everyone.

Play Video