New Mac Malware Disguises Itself as OS X Installer, Targets Cellphones

New Mac Malware Disguises Itself as OS X Installer, Targets Cellphones

You might’ve thought that by owning an Apple Mac your chances of being infected by malware are pretty low. Well, sorry to disappoint all you fanbois out there, but it would seem that this particular threat has reared its ugly head on the Apple machine for the first time.

The Russian security vendor Doctor Web is claiming to have identified a Trojan that disguises itself as the OS X installer on Mac computers, in order to trick people into running the malware. Doctor Web has named the threat as Trojan.SMSSend.3666 specifically because its aim appears to be stealing phone numbers from those machines it infects.

We’ve seen similar threats on Windows in the past – malware mimicking apparently legitimate software – but Doctor Web says that this is the first time it’s seen this particular kind of malicious software appear on Apple hardware.

Opening the program causes the malware to prompt users to enter a phone number so that OS X can be activated. If they do so, the program sends an ‘activation code’ to their phone via SMS. Unfortunately for the unwitting user, while they go and enter the code and think that all is dandy, their phone has just been charged a recurring subscription fee which is debited on a regular basis. To further convince users, the software will actually complete its fake ‘download’ so that the majority of users will be totally unaware of what’s happened.

This is an interesting one, and not just because it’s the first time we’ve seen this kind of threat on a Mac. Targeting phones hasn’t really been that popular among hackers before, mainly because there are more profitable enterprises they can pursue. However, by attacking Mac users for the first time it would appear that someone has made this particular scheme quite profitable.

RELATED:  New YiSpecter malware targets jailbroken and non-jailbroken iOS devices in Asia

Mike Wheatley

Mike Wheatley is a senior staff writer at SiliconANGLE. He loves to write about Big Data and the Internet of Things, and explore how these technologies are evolving and helping businesses to become more agile.

Before joining SiliconANGLE, Mike was an editor at Argophilia Travel News, an occassional contributer to The Epoch Times, and has also dabbled in SEO and social media marketing. He usually bases himself in Bangkok, Thailand, though he can often be found roaming through the jungles or chilling on a beach.

Got a news story or tip? Email


Join our mailing list to receive the latest news and updates from our team.


  1. VK music 4 mac. . .It’s a russian program, those of us in the US wouldn’t download this anyway, not to mention FANBOIS will use iTunes anyway. Other download sites are torrents, something us “FANBOIS”  don’t download from. It’s a social engineering program and “MOST” of us fanbois are savvy enough to know you don’t activate your software with an SMS. This article is total fodder. If you download from only legitimate sites the fanbois collection will be safe.

  2. @JohnCGarcia Fair enough but you might not be aware of the millions of iPhone users outside the US, many of whom are teenagers with no money and who therefore, look for alternatives such as iTunes (‘cos it’s expensive). In Thailand, where I live, pretty much everyone gets their iPhone jailbroken and downloads apps from other sources

Submit a Comment

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>

Share This

Share This

Share this post with your friends!