Apple + Security & Privacy

MacFixit has a thread today about slow browsing caused by infections from the RSPlug Trojan horse, which Intego discovered last October. The article links to a thread on Apple’s forum, where a user found that slow browsing was caused by infection from this Trojan horse. Not all users who have slow browsing problems are infected, but infection can be prevented by using Intego VirusBarrier X5.

To sum up the problem, the RSPlug Trojan horse changes a user’s DNS settings, causing their computer to query a rogue DNS server. When this new, malicious, DNS server is active, it hijacks some web requests, leading users to phishing web sites (for sites such as Ebay, PayPal and some banks), or simply to web pages displaying ads for other pornographic web sites. If this server gets too many queries, however, it can be very slow, since it is not scaled for such traffic. At least that symptom will lead some users to learn that they have been infected.