Marco Dela Vega, Senior Threat Researcher at Trend Micro, has reported today that criminals are making use of the fact that Quicktime Player 7.6.6 allows movie files to trigger file downloads.
Trend’s Benson Sy has encountered two files (“001 Dvdrip Salt.mov” and “salt dvdrpi [btjunkie][xtrancex].mov”) using interest in Angelina Jolie’s movie “Salt” to trick victims into downloading malware masquerading as a codec update or another player installation.
While it’s not uncommon for Mac malware to use the fake codec approach, the malware Trend is reporting is Windows-specific.
Tip of the hat to Ivan Macalintal for drawing my attention (and that of other Apple-oriented researchers) to the issue.
David Harley CITP FBCS CISSP
Mac Virus Administrator
Small Blue-Green World
AVIEN Chief Operations Officer