Posted on May 06, 2011 by infogrip-tech
A trojan horse has cropped up that affects Mac OS X as well as Windows, primarily disguised as a video moving around social networking sites. So when a user click an infected link, a Java applet is launched that downloads multiple files, including an installer that runs automatically without users’ knowledge.
The Trojan, is named trojan.osx.boonana.a by security firm SecureMac, appears as a message on social networking sites such as Facebook displaying, “Is this you in this video?” As the user clicks the link, a Java applet runs, allowing the system to download several files installing a program that can bypass the usual password verification OS X requires for installation.
The malware will launch automatically on startup, communicates with servers, and can also crack user accounts on other sites to continue to spread itself.
SecureMac asserts that because the initial phase of the trojan runs on Java, it can spread itself to both Mac OS X and Windows. SecureMac doesn’t say explicitly how it differs on Windows, only that the payload includes “other files” that are directed at Windows.
Disabling of Java in your browser can help you avoid infection, but the problem is solved by not clicking shady links. For those already under Boonana’s spell, though, SecureMac has created a free removal tool. The company also reminds Mac users that as Apple’s market share grows, they need to be mindful of increased attention from hackers.