Skip to main content

Researchers warn of fake-PDF Mac Trojan

Apple's Mac OS platform's reputation for enhanced security has taken another hit as security researchers uncover a clever new Trojan spreading via spoof PDF files.

The dropper, dubbed OSX/Revir-B, is a native OS X application which when executed, attempts to install the OSX/Imuler-A Trojan to allow its creator remote access to any infected Mac OS X machine.

To encourage users to open the file, the application pretends to be a PDF file. When opened the application even goes so far as to dump a real PDF contained within its code, meaning that a user sees a genuine PDF open in their system's selected PDF reader, helping to hide the package's true intentions.

The PDF itself gives away the software's target: Chinese users. Written entirely in Chinese, the document covers the controversial ownership of the Diaoyu or Senkaku Islands.

Having malware hide its executable nature is a common technique on Windows systems, but is relatively new for OS X malware authors. As a result, researchers believe that OS X attackers are beginning to move on from the previously social engineering-led attacks that have been seen in the past.

Describing it as a 'fascinating' example of new-breed Mac malware, security expert Graham Cluley of Sophos claimed that Mac users need to be aware of the risks posed by supposedly 'safe' file formats like PDF.

"Despite the numerous times that cybercriminals have created boobytrapped PDF files that exploit vulnerabilities to infect unsuspecting users, many people still think that PDF files are somehow magically safer to open than conventional programs," Cluley explained during his analysis of the Trojan.

"When we tested the malware inside our labs, we couldn't manage to get it to execute as the author probably intended," Cluley admits, "however, strings embedded deep inside its code make it clear that it was written with malicious intent."

The message is clear: Apple's success in recent years is coming at a cost, as attackers start to see the company's growing market share as a valuable target for their attentions.

Despite this, it will be quite some time before Mac OS X reaches the heady heights of malware distribution from which its Microsoft-made rival platform suffers. monitors all leading technology stories and rounds them up to help you save time hunting them down.