![]() The real iTerm2 site is hosted at, which appeared as the second result in the Baidu search. This technique of introducing malicious results into search queries is known as search engine poisoning.Īttempting to download iTerm2 from the lookalike site would instead download a disk image infected with an OSX/ZuRu Trojan horse. Rather than the top result being the legitimate iTerm2, the first link actually led to a malware site designed to look virtually indistinguishable from the legitimate software’s homepage. Baidu poisoned search results for iTerm2 led to OSX/ZuRu malware.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |