Welcome to WebmasterWorld Guest from

Forum Moderators: travelin cat

Message Too Old, No Replies

First ever OS X fake installer malware has been detected

4:25 pm on Dec 12, 2012 (gmt 0)

Moderator This Forum from US 

WebmasterWorld Administrator travelin_cat is a WebmasterWorld Top Contributor of All Time 10+ Year Member

joined:Feb 28, 2004
posts: 3115
votes: 2

The attack aims to dupe users into handing over their mobile number in order to send an "activation code" via text to complete the fake installation process.

12:06 am on Dec 14, 2012 (gmt 0)

Senior Member

WebmasterWorld Senior Member swa66 is a WebmasterWorld Top Contributor of All Time 10+ Year Member

joined:Aug 7, 2003
votes: 0

I'd like to see the "malware" for myself in all honesty, but aside of that: Mountain Lion already has the protection built in to prevent code such as this from running unless a known software developer signs the code or unless it's sold through the app store (which also signs the code).

Next the tricky bit seems to be premium SMS, that's subscribing you to a (expensive) service without you sending a SMS yourself. If they try to do that where I live: good luck on collecting as the mobile telco operators will not honor the charges (they'll not charge it and they'll not pass on the kick-back for the service) - The subscriber has to send an SMS to the premium service provider before a premium service can be charged. If I'm not mistaken that bit is in the telecommunications legislation in order to protect consumers.

Knowing a mobile phone number just isn't enough to start sending premium SMS (otherwise some idiot would start to spam all possible phone numbers (some networks are rather densely populated by now).