Apple Mac systems are getting an attack by a Trojan program. Security experts by and large agree that security via obscurity is not a wise model for protecting customers over the long term. That’s exactly the model Apple has employed successfully for some time now. However, its luck finally appears to be running short.
Intego (security research firm) reports the new malware, trojan.osx.boonana.a is really a reworked version of the Koobface malware, which has attacked windows systems in the past. This malware actually acts as a worm when it spreads in a network also as a trojan once it get into a system. The infected systems will have the symptoms like, links posted automatically into Facebook, MySpace, Twitter and few other social networking websites.
When someone clicks the link, then an java applet runs that prompts for a permission to run OS X’s Java Player. At this point the user should not let the applet to take permission for installing any player in their Mac system. This is the best way to prevent infection in the system. If you allow the java player to run, then your system gets infected immediately.
You may also like to Read:
Next level, the virus will prompt you with a message “Do you have Mac Antispyware program like VirusBarrier X6’s Installed ?” At this stage a rootkit program will be fetched from a remote system to let you mac system accessible by the attacker remotely. This Mac Backdoor program can allow the attacker to access your system anytime whenever you are online. These files are copied to an invisible folder .jnana, in the users home directory and hence its not easy to be spotted by normal computer users.
Whenever you login into social networking sites, then this virus can automatically post links to infect more users in your network or community. Not just that, it may also send spam email using your logged in mail accounts to all your contacts stored in your address book.
This virus also targets Windows and Linux, that makes it as a rare true cross platform virus. The fact is, it uses the java player as a route of attack. Hence its more complex than usual viruses.
Apple is actually have a plan in mind to ditch Java Player in future version of OS X, which is OS X 10.7 “Lion”. This can eliminate the routes of attack that can be caused by third party plugins in Mac Systems.