it's not a redirect. it does a url open via the os, causing the default web browser to spontaneously open a web page. (random gay porn sites appear to be what the malware prefers to show you) If the web browser is not open, it will be launched.
I'm surprised this hasn't been included in the "this application will damage your computer" dialog from the OS X installer.
I work for the Department of Redundancy Department
