Exclusive Deal While supplies last, save 40% off over 40 iPhone 5 and iPhone 4/4S cases and chargers as well as Samsung S III cases at Kensington.com. Use coupon code 'SAVE40%' at checkout to receive this exclusive discount.      
toggle

AAPL Stock: 445.15 ( + 3.01 )

http://www.macnn.com/articles/10/10/27/hides.as.a.video.via.social.networking.email/

New Mac Trojan uncovered: "Boonana"

updated 05:40 pm EDT, Wed October 27, 2010

 

Hides as a video via social networking, email


SecureMac and Intego, among other security firms, today alerted the Mac community to a new Trojan threat, trojan.osx.boonana.a (Intego gives it the name OSX/Koobface.a), which is spreading via social networking sites like Facebook and e-mail. The trojan appears as a link in messages with the subject "Is this you in this video?", and when users click on the link, a Java applet downloads an installer, which modifies system files to bypass passwords and other protections.

Boonana affects both Mac OS X and Windows, and sets itself up to run invisibly in the background at next startup, allowing outside access to files. It periodicially checks in with servers and spreads itself via further spam messages. Mac users are advised to disable Java on their web browsers and avoid clicking email links that claim to point to videos.

Although this is not the first trojan for the Mac to take advantage of exploits in browser Java, this is a rare instance of one that works on both major platforms simultaneously. SecureMac has released a free removal tool, directly downloaded here.


by MacNN Staff

Post tools:

TAGS :

 computers, security, software, hacks, trojan, Java, Mac

Related Articles

Recent Articles

toggle

Comments

  1. bdmarsh

    Fresh-Faced Recruit

    Joined: Feb 2006

    0
    10/27, 06:32pm | report spam | Reply |

    already shut down?

    the additional notes from one of the security firms looking into it found that either there was a bug in the code, or the hosting servers for the extra program payloads was down, they could only see the initial worm.

    Maybe this was just a proof of concept test.

  1. patrix

    Junior Member

    Joined: Sep 2006

    -1
    10/27, 06:34pm | report spam | (1 reply) Reply |

    Chrome immune?

    I know for a fact that Chrome keeps websites from installing anything, so would it be immune to that?

    Besides, don't you have to click "yes I trust this applet" like a million times to get a Java applet to run.


    As usual, it will be used to scare Mac users, or to show that Macs have viruses, even though, as usual, that will all be blown way out of proportion.

  1. Athens

    Addicted to MacNN

    Joined: Jan 2003

    +2
    10/27, 07:05pm | report spam | Reply |

    I disagree

    I think this one is of more concern then others because of how its spreading via social network sites. This is one of the few that regular users could end up encountering and because its facebook trust by mistake. Most mac Trojans have been part of illegal warez downloads, little risk to regular average people.

  1. JeffHarris

    Fresh-Faced Recruit

    Joined: Oct 1999

    +5
    10/27, 07:35pm | report spam | (2 replies) Reply |

    Typical Intego Tactic

    Welcome to Intego's quarterly Mac "virus" scare!

    This is yet another of Intego's FUD spreading cyclical attempts to sell anti-virus software to unsuspecting Mac users (frightened ex-Windows users). They've been doing this for years.

  1. gskibum3

    Fresh-Faced Recruit

    Joined: Nov 2006

    +3
    10/28, 09:34am | report spam | Reply |

    Misleading

    Other articles make it clear that a user must supply admin credentials to allow the software to install. Which is contrary to what is suggested by this macnn article.

  1. zjone003

    Banned

    Joined: Nov 2010

    -5
    11/01, 06:42am | report spam | Reply |

    hey

    accept paypal and credit card

    ==== http://www.proxy4biz.com ====

    Cheap Nike air Jordan shoes35$,Air Force 1 38$, Nike dunks SB shoe,Nike Shox shoe. Wholesale Cheap Nike shoes with discount jersey, High quality T-shirts,ED hardy t-shirts,ED Hardy hoodies,ED hardy shoes,ED hardy Jeans,Evisu shoes,GUCCI shoes,LV Handbag,Chanel Handbag……welcome to
    ==== http://proxy4biz.com ====

    Nike shox(R4,NZ,OZ,TL1,TL2,TL3) $35

    Handbags(Coach lv fendi d&g) $35

    Tshirts (Polo ,ed hardy,lacoste) $16

    Jean(True Religion,ed hardy,coogi) $30

    Sunglasses(Oakey,coach,gucci,Armaini) $15

    New era cap $12

    Bikini (Ed hardy,polo) $18


    ==== http://www.proxy4biz.com ====

Login Here

Not a member of the MacNN forums? Register now for free.

 
close
Photo
toggle

Network Headlines

toggle

Most Popular

MacNN Sponsor

Recent Reviews

MaxUpgrades MaxConnect for 2006-2008 Mac Pro

Nobody outside of Cupertino's privileged bunch knows the future of the Mac Pro line for sure. Despite Apple's reluctance to tell us wh ...

Brother HL-3170CDW LED Printer

We've mentioned before that we are far from a paperless society. For now, at least, there are tasks that require a piece of paper for ...

HTC One

It is hard to overstate just how critically important the HTC One is to the Taiwanese company’s fortunes. Despite its alarming decline ...

toggle

Most Commented

 

Popular News