TidBITS is reporting a Mac OS X Trojan that masquerades as a QuickTime codec; the idea is that people are told to install this codec to view a sketchy video on the web, then when they do, the "codec" actually manipulates their computer's DNS settings. Very reminiscent of drive-by pharming, but more obvious than a simple CSRF.
Link to more drive-by pharming info.
No comments:
Post a Comment