OSX/RSplug-F Trojan gets a new method for install

Affects both Macs and PCs.

Published Wed, Mar 25 2009 1:34 PM CDT   |   Updated Tue, Nov 3 2020 12:37 PM CST
Looks like there is another virus out for Mac OSX, well a revamp of an older one is more accurate.

According to Sophos, the OSX/RSplug-F Trojan horse virus for Mac has been given an overhaul.

The new method for distribution is through an infected HDTV/DTV program called MacCinema. Even a visit to the site seems legitimate, users are then lead to download and install this application.

Considering the legitimate appearance of the site this virus would even get past the need to input a username and password by the unsuspecting user. And that is if the user actually uses a password, many Mac Users I know choose not to since they do not need it. After all Apple tells them there are no Viruses for Mac.

But Windows Users should not be too smug, apparently this Trojan can infect their systems too.

Read more here

And don't try and tell me that this couldn't affect Mac OS X users because they would have to enter their administrator username and password to install the package. If they were prepared to download this program from this website, I feel pretty confident that they would enter their administrator details to allow installation too!

Mac users are no different to Windows users in this regard - this is social engineering, plain and simple.

Oh, and Windows users shouldn't feel too smug about this either. If you visit the site on a Windows computer, it will serve up a malicious Windows executable from the Zlob family of malware rather than a Mac OS X Trojan horse.

Video courtesy of

Related Tags

Newsletter Subscription
Latest News
View More News
Latest Reviews
View More Reviews
Latest Articles
View More Articles