The Members Forum

Well, that didn’t take long.

After I posted my analysis of why the time is right for bad guys to begin attacking the Mac in earnest, I heard from two readers who had encountered in-the-wild attacks on Macs in their respective workplaces. In both cases, the results showed up via Google Image Search. (This is an increasingly common source of malware, as security researcher Brian Krebs points out in a well-timed blog post today.)

I was able to duplicate these results and encountered an identical attempt from this same campaign to convince me to install a rather nasty Trojan on a Mac. (Sophos has an analysis of what this particular species does.) I uploaded the sample—a Mac installer package in a Zip file—to Virustotal.com, which confirmed that it is indeed the same code.

Remember last month when I showed you a malware attack that was targeting Google Chrome users? In a follow-up post, I wondered whether Macs would be far behind. They aren’t.

I just did a search for radioactive tsunami waves on Google and then clicked the Images button. On the second page of search results, I found one that looked legit:

When I clicked it on a PC, it redirected me to a fake AV screen that mimicked a Windows security screen. But when I did the same search on a Mac, clicking the poisoned image took me to this page:

ZDnet has the details HERE!