Digita Security

Cybersecurity solutions for the

  • modern
  • mobile
  • independent
  • innovative
  • enterprising

macOS workforce

8.11.2011 ( Version 1 )


Also Known As: OSX/HostMod-A

OSX/QHostWBA is a Trojan that masquerades as a Flash Player installer to install malware that manipulates the computer's hosts file to redirect Google sites to visually similar websites that serve additional content and ads [1]. It was the first signature added with new daily update system [2].

  1. https://www.f-secure.com/weblog/archives/00002206.html
  2. https://www.macrumors.com/2011/08/12/apple-updates-anti-malware-definitions-to-address-fake-flash-player-trojan/

Sample Hashes (VT links):