Follow MacBlips on Twitter
New OSX.RSPlug variant masquerading as media applications
Infinite Loop —
... . Unlike previous versions of the trojan, the RSPlug.F variant isn't just found on porn sites, either. One version of the trojan calls itself MacCinema, while the version shown in the video bills itself as an HDTV application named HDTV Player. The website in the video looks legitimate; it appears to be a pretty close copy (right down to the box art) of the product page for a legitimate application with the same name. ...
Sophos video shows Mac trojan caught in the act
The Unofficial Apple Weblog (TUAW) —
... . Even though Mac users would still have to provide admin credentials to install the application (unlike Windows users, who might catch the Zlob malware just by visiting the webpage), it would be perfectly natural to go ahead and authenticate after downloading an installer... but not a good idea in this case. The fake site and bogus application are appearing in two versions, one billed as MacCinema and another trying to steal the goodwill of a legitimate Windows app called HDTV Player (the real app is from blazevideo.com). ...
