{"id":1010,"date":"2008-01-24T01:05:04","date_gmt":"2008-01-24T09:05:04","guid":{"rendered":"https:\/\/blog.mhvt.net\/?p=1010"},"modified":"2008-01-24T01:05:55","modified_gmt":"2008-01-24T09:05:55","slug":"hqcodecvip1355dmg-containing-trojan-osxrsplug-gen","status":"publish","type":"post","link":"https:\/\/blog.mhvt.net\/?p=1010","title":{"rendered":"HQCODECVIP1355.DMG Containing Trojan (OSX\/RSPlug-Gen)"},"content":{"rendered":"<p><a href=\"mac\/anti-spam\/anti-spam.jpg\"><img decoding=\"async\" src=\"mac\/anti-spam\/anti-spam.jpg\" alt=\"anti spam\" \/><\/a><br \/>\n<br \/><\/br><br \/>\n<br \/><\/br><br \/>\nTOKYO (MacHouse) &#8211;  In the last article hosted at our <a href=\"http:\/\/seo.mhvt.net\/blog\/\">SEO\/Web Safety blog<\/a>, we mentioned a disc image which we suspected contains a <strong>Trojan<\/strong> virus targeting <strong>Mac<\/strong> users.  We sent this file, <strong>hqcodecvip1355.dmg<\/strong>, to security expert <a href=\"http:\/\/www.sophos.com\">Sophos<\/a> for a review.  And they have confirmed to us that this disc image contains a Trojan&#8217;s derivative called &#8216;<strong>OSX\/RSPlug-Gen<\/strong>.&#8217;  According to Sophos, it&#8217;s described as a malicious program which is designed to modify &#8220;the computer&#8217;s network settings,&#8221; &#8220;potentially causing the user&#8217;s web traffic to be redirected to malicious sites.&#8221;  It&#8217;s also known as <strong>DNS Changer Trojan<\/strong>.  hqcodecvip1355.dmg contains a DNS Changer Trojan that specifically targets Mac users.  And there is another file from hqcodecvip.com.  The file name is <strong>hqcodecvip1000.dmg<\/strong>.  It&#8217;s possible that this file is also infected.<\/p>\n<p>We appreciate Sophos for their quick response and for their finding.<br \/>\n<br \/><\/br><br \/>\n<br \/><\/br><br \/>\nClick on the button for more information on this Trojan virus. <a href=\"http:\/\/www.sophos.com\/virusinfo\/analyses\/osxrspluggen.html\"><img loading=\"lazy\" decoding=\"async\" src=\"http:\/\/www.mhvt.net\/quicktime\/eng\/graphics\/button.gif\" width=\"25\" height=\"25\" alt=\"VTC\" \/><\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>TOKYO (MacHouse) &#8211; In the last article hosted at our SEO\/Web Safety blog, we mentioned a disc image which we suspected contains a Trojan virus targeting Mac users. We sent this file, hqcodecvip1355.dmg, to security expert Sophos for a review. &hellip; <a href=\"https:\/\/blog.mhvt.net\/?p=1010\">Continue reading <span class=\"meta-nav\">&rarr;<\/span><\/a><\/p>\n","protected":false},"author":342,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[22],"tags":[],"class_list":["post-1010","post","type-post","status-publish","format-standard","hentry","category-internet-security"],"_links":{"self":[{"href":"https:\/\/blog.mhvt.net\/index.php?rest_route=\/wp\/v2\/posts\/1010","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/blog.mhvt.net\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/blog.mhvt.net\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/blog.mhvt.net\/index.php?rest_route=\/wp\/v2\/users\/342"}],"replies":[{"embeddable":true,"href":"https:\/\/blog.mhvt.net\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=1010"}],"version-history":[{"count":0,"href":"https:\/\/blog.mhvt.net\/index.php?rest_route=\/wp\/v2\/posts\/1010\/revisions"}],"wp:attachment":[{"href":"https:\/\/blog.mhvt.net\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=1010"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/blog.mhvt.net\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=1010"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/blog.mhvt.net\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=1010"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}