Digita Security

Cybersecurity solutions for the

  • modern
  • mobile
  • independent
  • innovative
  • enterprising

macOS workforce

2.2013 ( Version 11 )

SMSSendA


OSX/SMSSend is a Trojan that masquerades as an application installer (e.g. VKMustic, History of Sochi) [1]. As part of the installation process, the user is asked to input their phone number to receive a verification code via text message. The provided number is then subscribed to a premium texting service that generates revenue for the malware author [2].

References:
  1. http://www.thesafemac.com/variant-of-smssend-slips-past-xprotect/
  2. https://www.symantec.com/security_response/writeup.jsp?docid=2013-020414-4057-99

Sample Hashes (VT links):
6c2b47384229eba6f398c74a0ba1516b3a674723