New variant of RSPlug trojan making the rounds
Our friends at Intego sent out an alert this morning, warning users about a new variant of the RSPlug trojan horse, found on several adult websites. The risk to users is classified as "medium."
RSPlug trojans, themselves a form of DNSChanger, change local DNS settings to redirect to phishing sites for banks, PayPal, and eBay. All these trojans must be downloaded at the user's request, and an administrator password has to be supplied.
When visiting certain sites, the user is alerted that there is a "Video ActiveX Object Error" and is told that their "Browser cannot play this video file." The alert instructs the user to download the "missing Video ActiveX Object." If the user clicks OK, a disk image called "cleanlive.dmg" downloads (which may change in the future). Depending on the user's browser settings, this disk image may mount and installation may automatically start.
Intego VirusBarrier X5 users are, as you might imagine, already protected. Updating your virus definitions today will improve detection.
And, as always, be careful where you put your mouse online.
Our friends at Intego sent out an alert this morning, warning users about a new variant of the RSPlug trojan horse, found on several adult...
Subscribe to Newsletter
Software Updatesmore updates
- Daily App: MyScript Calculator solves your hand-written math equations
- Findery app lets you discover the world around you using annotated notes and maps
- The Learnist app brings its crowd-sourced collection of information to your iPhone
- My cat Cinnamon reviews Friskies Cat Fishing 2
- Photo Grid Collage Maker is capable and free
- iExit gets new features and is now free