Apple users who tend to think they’re immune from viruses, trojans, malware and other computer bugs need to pay close attention: A new piece of mac malware is infecting Apple users in order to obtain victims’ phone numbers and steal from them via unexpected premium SMS charges.
The Trojan itself, which masquerades as downloadable software, presents victims with a legitimate-looking installation wizard that asks for their phone number in order to verify or authenticate the installation.
Of course, that’s complete rubbish – the only time an application should request your phone number or ask for a code sent to your phone is when logging into a secure part of the Web with two-step authentication, such as your online banking profile or legitimate email account. Responsible and legitimate software installers, typically don’t need to be connected to the Internet in order to install, have no need to ask for your phone number.
Once the code from the cellphone is entered, though, victims have unknowingly agreed to be enrolled into an expensive subscription to gibberish text messages – billing directly to your cellphone provider.
Dr. Web, the Russian anti-virus company which discovered the new Mac threat, said the Trojan was produced with ZipMonster, a popular Russian-language file compression tool in widespread use among hackers and cyber-criminals.
Toll fraud, as scams like this are called, is quickly becoming one of the most serious threats to smartphone users, especially those using Android devices.
The vast majority of malware, Trojans and other malicious software are meant to run on Windows machines and often aren’t a significant threat to Macs. But as Apple continues to increase their market share, security experts have predicted the end of Apple customers’ happy days very soon. Consumers who move to Mac in the mistaken believe that they are “safe”, can no longer consider themselves totally immune to attacks.
Malicious programs for Macs are being found much more frequently, but they’re still rare in comparative terms. All computer users are advised to treat unfamiliar Web pages and links as if they might contain threats, even if they appear to come from a trusted source. Users of all computers – not just Mac owners – should install and continue to update their anti-virus software.
Macintosh users should use a fully fledged Mac Anti-Threat – such as ESET CyberSecurity for Macs.