Imuler.C Uses Icon Decoy Method - LOW RISK
Saturday, March 17, 2012 at 08:29AM
Sean OConnell Public in Apple, Decoy, Fake, Limited Risk, Mac OSX 10.7.x

Imuler.C, reported by Intego, is a low-risk icon decoy social engineering attack. In Mac OS X, a user can simply copy an icon to another file by using "File > Get Info (Command-I)" in the Finder.

Summary

Within a zip file, the criminals hide an application whose icon looks like an image, alongside other image files. The decoy is an attempt to get the user to click on the application and run the malicious file.
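A defensive check for the pattern described above, as an added example that is not part of the original article: it reads a zip archive's file listing without extracting anything and flags an application bundle sitting among image files. The function names and the sample archive are constructed for illustration.

```python
import io
import zipfile

IMAGE_EXTS = (".jpg", ".jpeg", ".png", ".gif", ".tif", ".tiff", ".bmp")

def find_decoy_apps(zip_bytes):
    """Return ({bundle path: [executables under Contents/MacOS]}, image count)."""
    bundles, images = {}, 0
    with zipfile.ZipFile(io.BytesIO(zip_bytes)) as zf:
        for info in zf.infolist():
            name = info.filename
            if name.startswith("__MACOSX/") or name.endswith("/"):
                continue  # skip resource-fork sidecars and directory entries
            parts = name.split("/")
            # An application bundle is any path component ending in ".app".
            app_idx = next((i for i, p in enumerate(parts)
                            if p.lower().endswith(".app")), None)
            if app_idx is None:
                if name.lower().endswith(IMAGE_EXTS):
                    images += 1  # ordinary image outside any bundle
                continue
            bundle = "/".join(parts[:app_idx + 1])
            exes = bundles.setdefault(bundle, [])
            if parts[app_idx + 1:app_idx + 3] == ["Contents", "MacOS"] and len(parts) > app_idx + 3:
                exes.append(name)  # the code that runs on double-click
    return bundles, images

def is_suspicious(zip_bytes):
    """Flag archives that mix image files with at least one runnable bundle."""
    bundles, images = find_decoy_apps(zip_bytes)
    return images > 0 and any(bundles.values())

def build_sample(with_app):
    """Constructed sample archive (placeholder bytes, not real malware)."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        for n in ("pics/IMG_0001.jpg", "pics/IMG_0002.jpg"):
            zf.writestr(n, b"\xff\xd8\xff\xe0 constructed placeholder")
        if with_app:
            zf.writestr("pics/IMG_0003.app/Contents/Info.plist", b"<plist/>")
            zf.writestr("pics/IMG_0003.app/Contents/MacOS/IMG_0003", b"placeholder")
            zf.writestr("pics/IMG_0003.app/Contents/Resources/icon.icns", b"icns")
    return buf.getvalue()

if __name__ == "__main__":
    print(is_suspicious(build_sample(True)), is_suspicious(build_sample(False)))
```

The check relies only on the archive's directory listing, so it can run on a mail gateway or download scanner before the user ever sees the disguised icon.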

FACTS

Figure 1: Warning Dialog for downloaded Application from Internet

RISK

Imuler.C, like all of its previous versions, is VERY LOW RISK. The attack method is similar to the PDF decoy in September 2011. The application with the icon decoy is an attempt to use tactics that are decades old.

MITIGATION

Article originally appeared on magmatic.com (http://www.magmatic.com/).
See website for complete article licensing information.