Page 1 of 1

New Trojan Horse Masquerades as Image File

Posted: Thu Mar 15, 2012 6:11 am
by Stephen Hart
A new variant of a known Trojan Horse malware has been identified. It's not circulating "in the wild," but it's worth being aware of how it works.

If you have Finder settings set not to show file extensions, such as .pdf, .jpg, etc., it's possible for a file to look like an image file, but actually be an application designed to install malware. This new variant installs its malware, then installs a real image file and finally deletes the installer application. It tries to gather information and send it to a server.

The easy way to protect against this kind of trojan horse is to be sure to always show all filename extensions.

Also, pay close attention to warnings the OS gives you that you're opening an application for the first time.