If you are a MAC user then you must have heard about a new Trojan pop up at MAC OS X. This time the Trojan developing firm have cleverly used Flash Media Player to transfer their Trojans to the MAC Computers. This newly identified Trojan just pops up the fake Flash Media Player installation and later on interrupting users while serving internet
Once the Trojan gets inside your MAC, it will automatically starts opening some fake Google site. As detailed by F-Secure, the new trojan called “OSX.QHost.WB.A” appear as a Flash Player installer but actually make some changes in computer’s hosts file due to which users gets redirected if they try to open specific Google site
Once installed, the trojan adds entries to the hosts file to hijack users visiting various Google sites (e.g., Google.com.tw, Google.com.tl, et cetera) to the IP address 18.104.22.168, which is located in Netherlands.
The server at the IP address displays a fake webpage designed to appear similar to the legitimate Google site.
As a result of that new Trojan, Apple has made first major change in its “XProtect.plist” file since an attack on ChronoPay appeared to have taken down MacDefender nearly two months ago. Malware definitions have been added in XProtect.plist file which enable Mac system to identify and warn users of malicious downloads. Therefore, it is recommended that you should keep your Mac OS X updated by checking daily updates and specially don’t not ignores security updates of Mac OS because they are very essential in term of providing you safer environment.
You want get more information about Mac OS X from our Mac OS X section.