Giveaway: Bracketron Case If outdoor adventures are in your future this summer, enter to win a Bracketron Sport Case with Mount Strap from MacNN and keep that iPhone, iPod or other electronic device safe from the elements.      
toggle

AAPL Stock: 454.74 ( + 1.77 )

http://www.macnn.com/articles/10/10/27/hides.as.a.video.via.social.networking.email/

New Mac Trojan uncovered: "Boonana"

updated 05:40 pm EDT, Wed October 27, 2010

 

Hides as a video via social networking, email


SecureMac and Intego, among other security firms, today alerted the Mac community to a new Trojan threat, trojan.osx.boonana.a (Intego gives it the name OSX/Koobface.a), which is spreading via social networking sites like Facebook and e-mail. The trojan appears as a link in messages with the subject "Is this you in this video?", and when users click on the link, a Java applet downloads an installer, which modifies system files to bypass passwords and other protections.

Boonana affects both Mac OS X and Windows, and sets itself up to run invisibly in the background at next startup, allowing outside access to files. It periodicially checks in with servers and spreads itself via further spam messages. Mac users are advised to disable Java on their web browsers and avoid clicking email links that claim to point to videos.

Although this is not the first trojan for the Mac to take advantage of exploits in browser Java, this is a rare instance of one that works on both major platforms simultaneously. SecureMac has released a free removal tool, directly downloaded here.


by MacNN Staff

Post tools:

TAGS :

 computers, security, software, hacks, trojan, Java, Mac

Related Articles

Recent Articles

toggle

Comments

  1. bdmarsh

    Fresh-Faced Recruit

    Joined: Feb 2006

    0
    10/27, 06:32pm | report spam | Reply |

    already shut down?

    the additional notes from one of the security firms looking into it found that either there was a bug in the code, or the hosting servers for the extra program payloads was down, they could only see the initial worm.

    Maybe this was just a proof of concept test.

  1. patrix

    Junior Member

    Joined: Sep 2006

    -1
    10/27, 06:34pm | report spam | (1 reply) Reply |

    Chrome immune?

    I know for a fact that Chrome keeps websites from installing anything, so would it be immune to that?

    Besides, don't you have to click "yes I trust this applet" like a million times to get a Java applet to run.


    As usual, it will be used to scare Mac users, or to show that Macs have viruses, even though, as usual, that will all be blown way out of proportion.

  1. Athens

    Addicted to MacNN

    Joined: Jan 2003

    +2
    10/27, 07:05pm | report spam | Reply |

    I disagree

    I think this one is of more concern then others because of how its spreading via social network sites. This is one of the few that regular users could end up encountering and because its facebook trust by mistake. Most mac Trojans have been part of illegal warez downloads, little risk to regular average people.

  1. JeffHarris

    Fresh-Faced Recruit

    Joined: Oct 1999

    +5
    10/27, 07:35pm | report spam | (2 replies) Reply |

    Typical Intego Tactic

    Welcome to Intego's quarterly Mac "virus" scare!

    This is yet another of Intego's FUD spreading cyclical attempts to sell anti-virus software to unsuspecting Mac users (frightened ex-Windows users). They've been doing this for years.

  1. gskibum3

    Fresh-Faced Recruit

    Joined: Nov 2006

    +3
    10/28, 09:34am | report spam | Reply |

    Misleading

    Other articles make it clear that a user must supply admin credentials to allow the software to install. Which is contrary to what is suggested by this macnn article.

  1. zjone003

    Banned

    Joined: Nov 2010

    -5
    11/01, 06:42am | report spam | Reply |

    hey

    accept paypal and credit card

    ==== http://www.proxy4biz.com ====

    Cheap Nike air Jordan shoes35$,Air Force 1 38$, Nike dunks SB shoe,Nike Shox shoe. Wholesale Cheap Nike shoes with discount jersey, High quality T-shirts,ED hardy t-shirts,ED Hardy hoodies,ED hardy shoes,ED hardy Jeans,Evisu shoes,GUCCI shoes,LV Handbag,Chanel Handbag……welcome to
    ==== http://proxy4biz.com ====

    Nike shox(R4,NZ,OZ,TL1,TL2,TL3) $35

    Handbags(Coach lv fendi d&g) $35

    Tshirts (Polo ,ed hardy,lacoste) $16

    Jean(True Religion,ed hardy,coogi) $30

    Sunglasses(Oakey,coach,gucci,Armaini) $15

    New era cap $12

    Bikini (Ed hardy,polo) $18


    ==== http://www.proxy4biz.com ====

Login Here

Not a member of the MacNN forums? Register now for free.

 
close
Photo
toggle

Network Headlines

toggle

Most Popular

MacNN Sponsor

Recent Reviews

HTC One

It is hard to understate just how critically important the HTC One is to the Taiwanese company’s fortunes. Despite its alarming declin ...

Samsung Galaxy S 4

Samsung's new flagship Android smartphone, the Galaxy S 4, faces even stiffer competition than its popular predecessor. With a five-in ...

HighPoint RocketU 1144CM USB 3.0 PCI-E card

Apple was one of the first -- if not the first -- major computer manufacturers to provide then-fledgling USB support at the expense of ...

toggle

Most Commented

 

Popular News