Apple Quickly Updates Malware Definitions to Detect New SMS Scam Trojan

Earlier this week, Russian security firm Dr. Web published a blog post announcing the discovery of a new OS X trojan horse known as "Trojan.SMSSend.3666". The malware masquerades as an installer for various software titles, but tricks users into signing up for subscriptions through their mobile devices.

smssend trojan

When a user starts such an installer, they see the interface that imitates the installation wizard of a corresponding application. In order to continue the "installation" fraudsters ask that the victim enter their cellphone number into an appropriate field and then specify the code found in a reply SMS. By performing these actions the user agrees to terms of a chargeable subscription and a fee will be debited from their mobile phone account on a regular basis.

Similar trojans have affected Windows and even Android platforms for some time, but the tactic is now being used to target Mac users.

smssend definition
Apple has moved quickly to address the threat, adding definitions for the malware to its "Xprotect.plist" blacklist, which is part of the basic anti-malware tools Apple launched with OS X Snow Leopard in 2009. In its original incarnation, users were required to update definitions manually, but as malware threats against OS X grew, Apple last year instituted automatic daily checks to keep users' systems updated. The anti-malware tools automatically detect when a user has downloaded a file matching the signature of known malware, alerting the user of the threat and advising them to discard the downloaded file.

Popular Stories

iPhone 17 Pro Blue Feature Tighter Crop

iPhone 17 Pro Launching in Three Months With These 12 New Features

Saturday June 21, 2025 2:45 pm PDT by
The iPhone 17 Pro and iPhone 17 Pro Max are around three months away, and there are plenty of rumors about the devices from credible sources. Below, we recap key changes rumored for the iPhone 17 Pro models as of June 2025:Aluminum frame: iPhone 17 Pro models are rumored to have an aluminum frame, whereas the iPhone 15 Pro and iPhone 16 Pro models have a titanium frame, and the iPhone X...
iPhone 16 Battery Life Feature

iOS 26's New Battery Life Mode Available Only on These iPhone Models

Saturday June 21, 2025 9:02 am PDT by
Last week, we reported that iOS 26 introduces an opt-in Adaptive Power Mode on the iPhone, alongside the existing Low Power Mode. Apple says that Adaptive Power Mode can make "small performance adjustments" when necessary to extend an iPhone's battery life, including slightly lowering the display brightness or allowing some activities to "take a little longer." The full description of...
All Screen iPhone 2027 Feature 1

iPhone Reportedly Moving to All-Screen Design in Two Stages

Sunday June 22, 2025 3:58 pm PDT by
Apple has long been working towards an iPhone with an all-screen design, and it might finally achieve the feat in a few more years from now. In his Power On newsletter today, Bloomberg's Mark Gurman said that Apple will shrink the size of the Dynamic Island on new iPhone models released next year. A year after that, he expects Apple to release a redesigned 20th-anniversary iPhone model....
ios 26 control center b2

Everything New in iOS 26 Beta 2

Monday June 23, 2025 2:57 pm PDT by
Apple provided developers with the second beta of iOS 26, introducing the first changes and refinements to the new operating system since it debuted after the WWDC keynote. Because we're early in the beta testing process, there are quite a few tweaks to iOS 26, which we've rounded up below. Subscribe to the MacRumors YouTube channel for more videos. Control Center The background behind the...
ios 26 control center b2

iOS 26 Beta 2 Fixes Control Center Design

Monday June 23, 2025 10:58 am PDT by
With the second beta of iOS 26 that Apple provided to developers today, Apple addressed one of the major complaints that people have had with Liquid Glass. iOS 26 beta 1 on left, iOS 26 beta 2 on right The Control Center buttons are now slightly more opaque, making it easier to see the different control options even on a multicolored background. The new, more opaque look is apparent with the ...
iPhone 17 Pro Blue Feature Tighter Crop

iPhone 17 Pro's Alleged Vapor Chamber Cooling System Partly Revealed

Sunday June 22, 2025 6:37 am PDT by
Apple's upcoming iPhone 17 Pro and iPhone 17 Pro Max models are rumored to be equipped with a vapor chamber cooling system, and a leaker known as Majin Bu today shared a photo of an alleged copper thermal plate for the system. Many high-end Android smartphones like Samsung's Galaxy S25 Ultra are equipped with a vapor chamber cooling system, which can manage heat dissipation inside the...
apple watch ultra 2 new black

Apple Watch Ultra 3 Finally Coming After Two-Year Hiatus

Tuesday June 24, 2025 3:40 am PDT by
Apple will finally deliver the Apple Watch Ultra 3 sometime this year, according to analyst Jeff Pu of GF Securities Hong Kong (via @jukanlosreve). The analyst expects both the Apple Watch Series 11 and Apple Watch Ultra 3 to arrive this year (likely alongside the new iPhone 17 lineup, if previous launches are anything to go by), according to his latest product roadmap shared with...
Apple Watch Ultra 2 Complications

watchOS 26 Adding a Smaller Yet Useful New Watch Face Setting

Monday June 23, 2025 9:39 am PDT by
watchOS 26 is adding a new "Show Data When Locked" setting to the Apple Watch. MacRumors contributor Steve Moser discovered the new setting within the code for the first watchOS 26 beta, and a Reddit user has seemingly found it in action, but we have yet to figure out where it is exactly. Leave a comment if you know. The new privacy setting allows you to toggle on or off the ability to...
Wi Fi WiFi General Feature

iOS 26 Adding Two New Wi-Fi Features, Allows AirDrop and AirPlay Alternatives

Saturday June 21, 2025 7:02 am PDT by
iOS 26 is gaining two new Wi-Fi features, including Captive Assist and Wi-Fi Aware. MacRumors contributor Aaron Perris discovered a reference to Captive Assist within the code for the first iOS 26 developer beta, but Apple has yet to enable the feature. It should be available by the time the software update is released later this year. In his Power On newsletter last month, Bloomberg's...

Top Rated Comments

spyguy10709 Avatar
164 months ago
And people always defended OSX for being virus/spyware free... LOL. Welcome to reality. Hopefully Apple can keep up with the variations that are no doubt going to be roaming out in the wild based on this.

LOL welcome to reality - this isn't a virus at all. It's a fake installer that asks for your cell phone number. It's not an infection - it's a poor phishing attempt.
Score: 20 Votes (Like | Disagree)
spyguy10709 Avatar
164 months ago
Again, like I always say, the only virus you can get on OSX is one you install yourself. This just prevents the user from hurting him/herself. This isn't a "virus" like everyone is saying - it's a program that phishes your personal info. It can't escalate itself privelidge-wise like with a Windows virus and become "above" your system to prevent removal or uninstallation. Nothing can do that in OSX due to it's unix base.

Also, great job Apple for staying so on top of this :D
Score: 15 Votes (Like | Disagree)
gnasher729 Avatar
164 months ago
And people always defended OSX for being virus/spyware free... LOL. Welcome to reality. Hopefully Apple can keep up with the variations that are no doubt going to be roaming out in the wild based on this.

Since this application is neither a virus nor spyware I'd say people are quite right.
Score: 12 Votes (Like | Disagree)
mw360 Avatar
164 months ago
And people always defended OSX for being virus/spyware free... LOL. Welcome to reality. Hopefully Apple can keep up with the variations that are no doubt going to be roaming out in the wild based on this.

From wikipedia:

A computer virus is a computer program that can replicate itself[1] and spread from one computer to another.

Spyware is a type of malware (malicious software) installed on computers that collects information about users without their knowledge.

This is neither. Its a plain old scam.
Score: 11 Votes (Like | Disagree)
0815 Avatar
164 months ago
Somehow I am not worried about this 'Trojan'

Anything that requires me launching an installer and than requiring me to type in my password and cell phone number is not scary at all - its a lame phishing attempt that I laugh about.

I would be worried if it installs automatically in the background and than accesses my address book to get my cell phone number - but even than I would not respond to that SMS to get charged money.

Honestly, I don't get the people that did type in their cell phone number - it is almost impossible to protect those people from their own stupidity.

Anyway, glad to see that Apple is trying to protect people from their own stupidity.
Score: 10 Votes (Like | Disagree)
ArtOfWarfare Avatar
164 months ago
Nicely handled, it would seem.

But really, it seems to me this is an issue phone service providers should handle. Why is the money that they handle handled so insecurely? Shouldn't our provider send us some sort of message for us to confirm that some company is going to start leaching money via our phone bill and shouldn't they block companies that they find frequently commit this kind of fraud?
Score: 8 Votes (Like | Disagree)