New Mac Trojan Hijacks Google Searches

jamescv7

Level 85
Thread author
Verified
Honorary Member
Mar 15, 2011
13,070
Security researchers from F-Secure have identified a new Mac OS X click fraud trojan which hijacks Google searches by inserting a rogue DNS entry into the hosts file.

The trojan comes hidden as a Fake Player installer so it is probably distributed as part of a social engineering attack that asks users to update Flash Player to see a video or something similar.

Once run on the system, the trojan modifies the operating system's hosts file and inserts an entry that points all Google sites (www.google.*) to a rogue IP address under the attackers' control.

The hosts file can be used to manually specify DNS entries that take precedence over the responses sent by the system's DNS server.

Read More

F-secure link
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top