excerpt:
By Kevin McLaughlin, CMP Channelclick link to read more
7:29 PM EDT Thu. Nov. 01, 2007
The appearance this week of a malicious Trojan Horse targeted specifically at Mac users is fanning the flames of the Mac-versus-PC security debate.
On Monday, security vendor Intego reported a flood of spam being sent to several Mac user forums, which lures users with the promise of free pornographic videos. But when the user visits the Website, an alert box informs them that they need to download a missing video codec before the fun can begin.
Overeager users that click the link will have a disk image file (.dmg) downloaded to their machine, but the installation won't proceed unless the user enters the administrator password, and doing so gives the Trojan full root privileges on the machine, according to Intego.
Once installed, the Trojan operates in the background until the user visits online banking, payment, or auction Websites, at which time it alters the Mac's DNS server and redirects users to nearly identical Websites set up for phishing purposes.
