Forget about a horse: Cybercriminals have found a much more appealing front for their latest Mac-specific Trojan — a sexy swimsuit supermodel.
Malware perpetrators are disguising the Trojan, identified as "Imuler.C" in .zip files labeled as pictures of Russian supermodel Irina Shayk, researchers at the security firm Intego reported on their Mac Security Blog.
What better way to disguise potentially harmful, rigged software than in a file called "FHM Feb Cover Girl Irina Shayk H-Res Pics," complete with an alluring thumbnail icon of a barely-clothed Shayk tempting you to open it?
Intego researchers said the Imuler Trojan exploits a default setting in the Mac OS X Finder that abbreviates file extension names. If you make the mistake of double-clicking on the picture, the Mac Trojan begins searching for user data and attempts to upload it, as well as screenshots it takes, to a remote server. The Trojan also installs a file that ensures the malware will launch when the victim logs into or starts up his Mac.
Thankfully, Intego has not found the Imuler malware in the wild, and says the risk of infection is currently low. In the event it begins spreading, Intego urges Mac users to get a clearer picture of all files by selecting "Show all filename extensions" in the "Finder Preferences" menu; doing so will help you tell the difference between legitimate image files and ones hiding Trojan applications.