The Trojan, named trojan.osx.boonana.a by security firm SecureMac, appears as a message on social networking sites like Facebook, which says:
"Is this you in this video?"
When the user clicks on the link, it runs a Java applet and installs a program that can bypass the usual verification password that OS X (including Snow Leopard OS X 10.6), requires for installation.
The malware runs automatically at startup, communicates with C&C servers, and is able to continue to spread by spam on other users' profiles.
SecureMac claims that because the initial phase of the Trojan runs on Java, it can be extended to Mac OS X and Windows by downloading the appropriate version of the Trojan.
- Publicidad -
Disabling Java in the browser can help avoid infection and SecureMac has created a free removal tool. The company also takes the opportunity to remember that as the market rate of MAC increases, so does malware.
Source: Arstechnica
Authors:
