The first-ever "fake codec" Trojan malware for the Apple Macintosh was identified yesterday by Intego, a maker of Internet security software for the Mac.
A fake codec pretends to be a free video codec -- often it's posted on a pornography site -- to fool victims into downloading it. It's not a video codec at all, however. Rather, it's a piece of malware intended to compromise the victim's machine. Although there are many Microsoft Windows-based fake-codec Trojans posted on porn Web sites today, Intego's find is thought to be the first Macintosh-based fake codec.
"This is definitely the first fake codec for the Mac," says Alex Eckelberry, CEO of antispyware company Sunbelt Software. "There are a lot of these for Windows, and they use social-engineering tactics to get someone to download it. This one, the first for the Mac, changes the desktop DNS to hijack it and redirect the user to various sites."
Eckelberry says the Web site Adultbookings.com is one place this has been found, but that fake codecs typically are distributed by professional malware writers to many sites.
"They get paid for this," Eckelberry says, adding that the debut of the first fake codec for the Macintosh suggests that professional malware writers now regard the Macinitosh to be as worthy a target as Windows.