|
Description:
This malware may be downloaded unknowingly by a user when visiting malicious Web sites.
This file is a MAC OS X mountable Disk Image file (.DMG) which contains malicious codes in the following Install Operation scripts, which are also detected by Trend Micro as OSX_JAHLAV.K.
The script creates a cron job that enables this malware to execute periodically every 5 minutes. It also contains a chain of other encryted codes, the last one of which is a Perl script that attempts to download and execute another malicious script.
The said downloaded script resets the DNS configuration of the affected system and adds two new IP addresses as the DNS server. As a result, users may be redirected to phishing sites or sites where other malware may be downloaded.
Once installation is finished, files are added into the system.
For additional information about this threat, see:
Solution
Technical Details
Description created: Aug. 26, 2009 6:08:02 AM GMT -0800
Search a new malware
Tell us how we did. Take our quick survey.
|
Save & Share
