Security researchers from Intego have intercepted a new variant of the Imuler trojan horse targeting Mac OS X users.
The latest version, Imuler.C, attempts to trick end users and corporate users into thinking that they are downloading and about to view image files. The trojan horse circulates in .zip archives named “Pictures and the Ariticle of Renzin Dorjee.zip” and “FHM Feb Cover Girl Irina Shayk H-Res Pics.zip”.
According to the researchers, the malware authors are relying on a known social engineering tactic that takes advantage of a default Mac OS X setting: full file extensions are not displayed, so an application file given an image icon looks like a picture.
Once executed, the malware performs the following actions:
End users are advised to turn on the option that shows all filename extensions in order to differentiate between real image files and applications, such as the Imuler.C trojan, and to submit suspicious files to the popular VirusTotal service in order to ensure that they’re malware-free.
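The same check can be made before an archive is unpacked. The following is an added example, not code from Intego or the original article: it lists a .zip archive's entries and reports application bundles and executable files, whatever icon they carry. The sample archive and all file names in it are constructed for illustration.

```python
import io
import zipfile

def make_entry(zf, name, mode, data=b"x"):
    """Add one entry with explicit Unix permissions (constructed sample data)."""
    info = zipfile.ZipInfo(name)
    info.external_attr = mode << 16  # Unix mode lives in the high 16 bits
    zf.writestr(info, data)

def build_sample():
    """Constructed archive: one image, one .app bundle, one loose executable."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        make_entry(zf, "holiday-01.jpg", 0o100644)
        make_entry(zf, "holiday-02.app/Contents/Info.plist", 0o100644)
        make_entry(zf, "holiday-02.app/Contents/MacOS/holiday-02", 0o100755)
        make_entry(zf, "viewer", 0o100755)
    return buf.getvalue()

def find_non_images(zip_bytes):
    """Return sorted (path, reason) pairs for entries that are not plain files."""
    findings = set()
    with zipfile.ZipFile(io.BytesIO(zip_bytes)) as zf:
        for info in zf.infolist():
            parts = info.filename.split("/")
            # A directory whose name ends in .app is a Mac OS X application
            # bundle; report the bundle once, not every file inside it.
            for depth, part in enumerate(parts[:-1]):
                if part.lower().endswith(".app"):
                    bundle = "/".join(parts[:depth + 1])
                    findings.add((bundle, "application bundle"))
                    break
            else:
                # Outside any bundle: flag regular files with an execute bit.
                if not info.is_dir() and (info.external_attr >> 16) & 0o111:
                    findings.add((info.filename, "executable file"))
    return sorted(findings)

if __name__ == "__main__":
    for path, reason in find_non_images(build_sample()):
        print(f"{reason}: {path}")
```

Archives created on systems that do not record Unix permissions carry no execute bits, so for those only the bundle check applies.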