Security vendor Intego claims to have found a new trojan attack that targets Apple"s OS X operating system but competing security firms (McAfee, Symantec, and Trend Micro) have yet to find samples of the trojan. Intego said that malware authors spammed Mac forums with links to pornographic websites hosting the malware. If confirmed, the trojan would be the first piece of truly malicious software to be targeted at OS X, as opposed to the various proof-of-concept attacks that researchers have previously developed.
The OSX.RSPlug.A trojan allegedly disguises itself as a video codec that would provide access to a pornographic video but in reality is a piece of malware classified as a "DNS Changer". The software changes the way OS X would handle the DNS requests that are used to link numerical IP addresses to web URLs. The tool allows the attackers to redirect web traffic, opening the door for phishing scams.