Malware served up based on operating system
While the stick yer head segment of Mac users will almost certainly find some reason to spout their typical rhetoric about Macs being impervious to viruses, trojans and other such evil goodies, that isn’t stopping the malware writers from improving their odds of getting you to install their crap. One of the newest tricks, apparently, is for the website you are visiting to detect which operating system you are running and then serve up a nasty package for that OS.
Ivan Macalintal from Trend Micro recently came across a new variant of the DNS changer trojan that checks for which operating system is behind the browser and then will offer up the appropriate Windows or Mac installer.
This follows a similar finding last month by McAfee, which spotted the same tactic being used at sites that try to trick the user into installing a browser plug-in supposedly needed to view online videos: The bogus plug-in was offered as a “.exe” file for Windows visitors, and a “.dmg” installer file for those who browsed the site with a Mac.
Meanwhile, Symantec warned last week that it had detected several blogs that were advertising free, streaming online copies of movies that were just released in the theaters. The lure is once again a fake video plug-in, followed by either a Mac- or Windows-based version of the DNS Changer Trojan.
Source: Security Fix :: Malware Writers: Will That Be OS X, or W?
Most of these new and more dangerous delivery systems are coming at us via blogs and websites that pander to those looking for video and software that they would normally have to pay for.
The reason is that making visitors think they need some new type of codec to view some questionable video makes them more willing to install whatever is offered up to them. This just takes the whole social engineering angle up a level or two.
image courtesy of Security Fix
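For defenders, the OS-matched ".exe"/".dmg" pattern described above can be hunted for in web proxy logs. The sketch below is an added example, not code from this post or from the vendors it cites; the tab-separated log format, the hostnames and the function names are constructed for illustration. Legitimate download pages also tailor installers by OS, so treat a hit as a triage signal to check against reputation data, not a verdict.

```python
from collections import defaultdict
from urllib.parse import urlsplit

# Installer type a site would hand to each client OS (from the post: .exe / .dmg).
INSTALLER_FOR_OS = {"windows": ".exe", "mac": ".dmg"}

# Constructed sample proxy log: client IP, requested URL, User-Agent (tab-separated).
SAMPLE_LOG = """\
10.0.0.5\thttp://video-site.example/plugin/codec.exe\tMozilla/5.0 (Windows NT 5.1) Firefox/3.0
10.0.0.9\thttp://video-site.example/plugin/codec.dmg\tMozilla/5.0 (Macintosh; Intel Mac OS X 10_5) Safari/525
10.0.0.7\thttp://vendor.example/downloads/tool.exe\tMozilla/5.0 (Windows NT 5.1) Firefox/3.0
10.0.0.8\thttp://vendor.example/downloads/tool.exe\tMozilla/5.0 (Macintosh; Intel Mac OS X 10_5) Safari/525
10.0.0.9\thttp://news.example/index.html\tMozilla/5.0 (Macintosh; Intel Mac OS X 10_5) Safari/525
"""


def client_os(user_agent):
    """Coarse OS guess from the User-Agent header; None if unrecognised."""
    ua = user_agent.lower()
    if "windows" in ua:
        return "windows"
    if "macintosh" in ua or "mac os x" in ua:
        return "mac"
    return None


def os_tailored_hosts(log_text):
    """Return hosts whose installer downloads always matched the client's OS
    and that were seen serving both Windows and Mac clients."""
    served = defaultdict(set)  # host -> {(client OS, installer extension)}
    for line in log_text.splitlines():
        parts = line.split("\t")
        if len(parts) != 3:
            continue  # skip malformed lines
        _ip, url, user_agent = parts
        target = urlsplit(url)
        path = target.path.lower()
        ext = next((e for e in INSTALLER_FOR_OS.values() if path.endswith(e)), None)
        os_name = client_os(user_agent)
        if ext and os_name and target.hostname:
            served[target.hostname].add((os_name, ext))
    expected = set(INSTALLER_FOR_OS.items())
    return sorted(host for host, pairs in served.items() if pairs == expected)


if __name__ == "__main__":
    for host in os_tailored_hosts(SAMPLE_LOG):
        print("review:", host)
```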