New Mac OS X Trojan Masquerades as PDF

September 25, 2011

While Windows users have historically been aware of the necessity of anti-virus software, firewalls, and other defenses against malware, Mac OS X users have in some cases become a bit smug about the superior security of their platform.  Some of that security advantage is real, and some stems from the greater usage of Windows, making it a more attractive target.  But all users would do well to remember that there is no such thing as a perfectly secure system.

The ThreatPost security blog from Kaspersky Labs reports that a new Trojan attack, targeting Mac OS X systems, has been found, which adopts a tactic popular with Windows malware authors: it disguises itself as a PDF document.

The new piece of malware hides inside a PDF file and delivers a backdoor that hides on the user’s machine once the malicious file is opened.

It appears that the Trojan, which has been named iMuler.A, follows a typical design; it installs itself, and then can communicate with a “control server” over the Internet.  At this point, the designated server does not seem to be functional, so not much further happens, but there is certainly the potential for mischief.   The most likely propagation mechanism for this attack is E-mail.  So you Mac users out there need to take the same advice that PC users are used to hearing: do not open E-mail attachments unless you are sure that they are safe.

I will post updates on this if more information becomes available.  The anti-virus firm F-Secure also has a report on this.

%d bloggers like this: