Intego Warns of New Mac Trojan Horse


Antivirus software developer Intego claims to have discovered a new Trojan horse threat for Mac OS X dubbed OSX.RSPlug.E. The file attempts to trick users into installing an application that could let a malicious attacker install additional files without the user's knowledge.

OSX.RSPlug.E is a variant of a Trojan horse that was first reported in October 2007. It is apparently showing up on several pornographic Web sites and displays a warning that states "Video ActiveX Object Error," and includes an option to download the "missing Video ActiveX Object."

Once installed, a remote attacker could potentially add other files to the user's hard drive without their knowledge or permission. Like other Trojan horse threats, this one relies on user action and is not a virus threat that takes advantage of security weaknesses in Mac OS X.

For now, this potential exploit appears to be limited to the subset of surfers that visit pornography Web sites, but that doesn't mean it couldn't be adapted for other sites as well. The biggest threat OSX.RSPlug.E poses so far is that takes advantage of the trusting nature found in many Web surfers.