Dubbed trojan.osx.boonana.a by SecureMac, it launches automatically on startup, communicates with command and control servers, and can also crack user accounts on other sites to continue infecting others. The security firm notes that it can spread itself to both Mac OS X and Windows, explaining that recent reports of similar Trojan horses targeted Windows, but did not included cross-platform capabilities.
Microsoft recently published data showing an "unprecedented wave" of Java malware exploits during the third quarter of this year. As we've already argued before, Java is on Apple's kill list, and we think security could be the primary reason.
Disabling Java in your browser can help you avoid infection and for those already infected, SecureMac has created a free removal tool. "This is a sobering reminder that hackers are turning their efforts toward Mac OS X as Apple's marketshare grows, and users should be vigilant in protecting their computers and taking precautions when surfing the web," Nicholas Ptacek, a security researcher at SecureMac, said in a statement.