New malware targets Linux and Mac OS X

By on September 3, 2012, 9:30 AM

A new piece of malware targeting Macs and Linux-based systems is causing a world of trouble for those in its path. Wirenet.1 is responsible for stealing passwords stored in browsers like Chrome, Chromium, Firefox and Opera. Furthermore, it’s able to obtain passwords from popular applications including SeaMonkey, Pidgin and Thunderbird. Even if you don’t use any of the above-mentioned software, you’re still in danger, as a keylogger is bundled in the payload.

The outbreak was only recently detected, meaning there are still multiple pieces of the puzzle missing. It’s unknown how the malware is being spread, but Russian anti-virus company Dr. Web says the malicious code installs itself into the user’s home directory under the name WIFIADAPT.

There are some steps that can be taken right away if you think you could be infected. Dr. Web is quick to point out that their anti-virus software will keep you protected (for a fee, of course). Another option is to simply disable communication with the control server used by the code’s author. In this case, blocking communication with IP address 212.7.208.65 should do the trick. 
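As an added example (not from the article or from Dr. Web), the script below checks a Linux or Mac system for the two indicators named above: entries named WIFIADAPT under a home directory and connections to 212.7.208.65. The search depth, the `WIFIADAPT*` glob and the pf rule placement are assumptions.

```shell
#!/bin/sh
# Added example: triage for the two Wirenet.1 indicators given in the article.
C2_IP="212.7.208.65"   # control server address from the article
ARTIFACT="WIFIADAPT"   # install name reported by Dr. Web

# Print files or directories named WIFIADAPT* under each given home directory.
# Depth 3 and the trailing glob (to catch suffixed names) are assumptions.
find_artifacts() {
    for home in "$@"; do
        [ -d "$home" ] || continue
        find "$home" -maxdepth 3 -name "${ARTIFACT}*" 2>/dev/null
    done
}

# Read `ss -tn` or `netstat -an` output on stdin and print only the lines that
# mention the C2 address as a whole IP (optionally followed by :port or .port).
c2_connections() {
    ip_re=$(printf '%s' "$C2_IP" | sed 's/\./\\./g')
    grep -E "(^|[^0-9.])${ip_re}([:.][0-9]+)?([^0-9.]|\$)" || true
}

# Print the outbound block rule for the given `uname -s` value.
block_rule() {
    case "$1" in
        Linux)  echo "iptables -A OUTPUT -d $C2_IP -j DROP" ;;
        Darwin) echo "block drop out quick to $C2_IP" ;;  # line for /etc/pf.conf
        *)      echo "block outbound traffic to $C2_IP at the firewall" ;;
    esac
}

# Run all three checks against the current user and host.
triage() {
    echo "== entries named ${ARTIFACT}* under $HOME =="
    find_artifacts "$HOME"
    echo "== connections to $C2_IP =="
    { ss -tn 2>/dev/null || netstat -an 2>/dev/null; } | c2_connections
    echo "== suggested block rule (apply as root) =="
    block_rule "$(uname -s)"
}

if [ "${1:-}" = "--run" ]; then
    triage
fi
```

Run it with `--run` as the user you want to check; an empty result for the first two sections means neither indicator was found, not that the system is clean.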

The malware further highlights a growing trend to target operating systems with a smaller install base – basically anything other than Windows – that were once thought to be more secure. The most popular Trojan to affect a non-Windows system was Flashback, a modified version of the BackDoor.Flashback.30 variant first discovered by Dr. Web in April 2012. This code found its way to more than 600,000 Mac computers.




User Comments: 29

1 person liked this | Punkid said:

Apple fanboy: but macs don't get viruses, it's just impossible cuz great lord Jobs said so

jobeard, TS Ambassador, said:

@Punkid; get a life

Camikazi said:

Seems what people have been saying is starting to happen, Mac OS and Linux are getting more popular and now malware makers have a reason to target them, this should be fun.

Tygerstrike said:

Or better yet....The ppl sending out this malware know that half the ppl who own a Mac or run a Linux system all kinda think the same way. Like Punkid said...The great Steve Jobs won't let anything affect their system.......It's when you think you're the most secure is when you need to be watching for that knife in the back. Same thinking applies to your home PC.

Guest said:

This means the rise of malware proliferation era

Jim T said:

If you leave your home account open, with no password required to make changes, you may make it possible for this malware to attack you. Most Linux users are quite a bit smarter than this. If you think you can compromise my system, give it your best shot. I've been using broadband on the WWW for over ten years now, and the only problem I ever had was when I was using XP (back in 2001). I'm not a bit concerned with what the newest script kiddies want to try.

hahahanoobs said:

Most Linux users are quite a bit smarter than this. If you think you can compromise my system, give it your best shot.

You must be new to the internet, but virus writers target the opposite. The majority of Linux users may be smart enough to safeguard themselves against such attacks, but certainly not the people you "converted" to the OS.

1 person liked this | Guest said:

@ Punkid: I don't think anybody with any system getting malware is cause for celebration and fan boy hate. Compared to Windows, Mac OS and Linux obviously have significantly less malware. Conversely, anyone who owned a Mac and thought they'd never get viruses were out of their minds too.

If you're on the Internet, get an antivirus and firewall.

Det said:

If you leave your home account open, with no password required to make changes, you may make it possible for this malware to attack you. Most Linux users are quite a bit smarter than this. If you think you can compromise my system, give it your best shot. I've been using broadband on the WWW for over ten years now, and the only problem I ever had was when I was using XP (back in 2001). I'm not a bit concerned with what the newest script kiddies want to try.

Yeah, well, to be fair these sort of Windows users are pretty much just as hard to get infected as well. I haven't had a single malware, virus, etc. of any kind without any sort of firewall or anti-virus for 6 years.

I'd be interested to find out what sort of systems are affected, though, and what exactly is the library or application that's being exploited.

lancestu said:

Go with Android 4 and/or Ubuntu.

Follow common sense.

You're set for the cloud.

Leeky said:

Wonders if he's alone in wondering how people can claim they've never had x virus, or y malware in z number of years, yet proclaim to never use any form of protection that would, in real-time alert them to such problems..... It's a real nail biter!

I use malware, firewall (hardware and software) and AV's for Windows boxes, but I have to be honest and say I don't use AV's in Linux at all any more. I use both OS' the same and I'm yet to get any infection whilst in Windows. I'm probably a little more relaxed with where I point my browser in Linux, but having run an AV for years previously and never had a single virus I didn't think there was a point to it any more. That said, I certainly wouldn't proclaim Linux was virus-free, as the naked truth is I have no idea. lol. Windows is fine though.

The issue of viruses and malware in my opinion is largely platform irrelevant. It isn't the OS that's the issue, it's the person using it. That's the difference between x user of OS X not being infected and y user of OS X being overrun with them. That's why more experienced users face less exposure to infections and other online nasties -- it's a simple case of being more cautious and aware of their "virtual" surroundings.

P.S. I wonder if Samsung has opened a new spyware/malware/virus division at its headquarters in South Korea....

Camikazi said:

Wonders if he's alone in wondering how people can claim they've never had x virus, or y malware in z number of years, yet proclaim to never use any form of protection that would, in real-time alert them to such problems..... It's a real nail biter!

I tend to ignore comments of people who say that since if you don't run malware or AV scanners then you might never know if you actually have a virus. I haven't had a virus in years but I'm not dumb enough to not run AV and malware scanners since it's the only way to be sure (and even then some might get through).

jobeard, TS Ambassador, said:

If you follow the description of the latest drive-by, you can see it is a social engineering attack delivered via email. Following the simplest of rules, ALL these drive-by attacks can be avoided without the necessity of A/V, black/white lists or even a firewall:

  • delete email with stupid subjects
  • delete email from unknown origins
  • delete email even from known origins that make no sense to you (eg delivery notice when you haven't made an order or don't have a bank account with that specific bank)

@Leeky: >>The issue of viruses and malware in my opinion is largely platform irrelevant. It isn't the OS that's the issue, it's the person using it.

ABSOLUTELY every click is an invitation.

Tygerstrike said:

@Leeky

Never have I heard it put more politely. It's true that it's the users themselves that click an attachment. Or visit sites that are full of viruses. I often have to admonish my own father for visiting "pron" sites. Many times I have to wipe his computer clean and start it all over for him. Not that my father is a stupid man, just not very knowledgeable about what the Internet holds. The same could be said for over 50% of the internet user base world wide. Ppl don't need to know the internal workings of a combustion engine to drive a car. The same holds true for the Internet. They don't need to understand. It's point click and go. Maybe a better solution all around would be to have those of us that DO understand, teach those that don't. Go visit grandma and grampa and help them to help themselves.

1 person liked this | Guest said:

To all the windows lovers who are criticizing apple here:

You know, techspot could put this story in EACH and EVERY day...

"New malware targets Windows today"

But they don't, because it's common. What do they report? Uncommon things. Think about it.

Jim T said:

Flash is a big vulnerability, and I guess Java can be too (if you don't use the Open Source kind). I don't try to convert anyone to anything. I'm not a disciple. If you ask for my help, I'm more than happy to show you some things. As far as I'm concerned, obscurity is fine with me. I don't look for ways to make my life any more complicated than it already gets on its own. Debian is a safe, secure system, even the 'testing' or 'unstable' varieties (with a little common sense).

Guest said:

Nice read : Wirenet-1 - Tux gets a virus...

Nobody said it's impossible to write malicious code for Linux .. what *IS* claimed is that it wouldn't get very far [image link]

Guest said:

It's not the OS that's inviting a virus. It's the user! And as for dr.web seems like they are making the viruses especially for these OSes and miraculously finding them

Guest said:

I just found about 250 of 1300000 virus signatures for Linux and OSX available in ClamAV virus database by running this command :

[CODE]
$ sigtool --list-sigs | grep -i linux | sort
$ sigtool --list-sigs | grep -i osx | sort
[/CODE]

Output : http://paste.ubuntu.com/1185165/

Det said:

Wonders if he's alone in wondering how people can claim they've never had x virus, or y malware in z number of years, yet proclaim to never use any form of protection that would, in real-time alert them to such problems..... It's a real nail biter!

I tend to ignore comments of people who say that since if you don't run malware or AV scanners then you might never know if you actually have a virus. I haven't had a virus in years but I'm not dumb enough to not run AV and malware scanners since it's the only way to be sure (and even then some might get through).

I have no idea whether it's me you guys are talking about but I do run scans like once in two months (SUPERAntiSpyware, Malwarebytes' thingy, Spybot S&D and occasionally even the Norton security scan).

The thing is I never find _anything_ so I don't really know what kind of dumb things you're doing with your own PC (or dumb software), if you're actually having viruses "slip through" even through a firewall and an antivirus.

Sunny87 said:

@ Punkid: I don't think anybody with any system getting malware is cause for celebration and fan boy hate. Compared to Windows, Mac OS and Linux obviously have significantly less malware. Conversely, anyone who owned a Mac and thought they'd never get viruses were out of their minds too.

If you're on the Internet, get an antivirus and firewall.

Exactly, at the very least do the basics

System Preferences>Security & Privacy>Firewall>Turn On Firewall> Lock settings

I always do this on a fresh build of Mac OS X then I make a point of signing into my apple account and downloading ClamXav to run scans once a week.

Also don't entertain strange emails!!!

Leeky said:

@Det Nah, it was a general observation more than anything. I made a valid point though. The single biggest change a user getting viruses can make is to change the way they use their computer. I think that goes without saying really.

Guest said:

Yes anything one person creates another person may attack. Any system will have its weaknesses. In many cases the system user is the largest weakness, if they install something despite understanding or warnings then they can have issues. Some people are quite click-happy and just install everything. Having said that I believe the Linux is more secure from a default position, note more secure doesn't mean invulnerable.

Camikazi said:

I have no idea whether it's me you guys are talking about but I do run scans like once in two months (SUPERAntiSpyware, Malwarebytes' thingy, Spybot S&D and occasionally even the Norton security scan).

The thing is I never find _anything_ so I don't really know what kind of dumb things you're doing with your own PC (or dumb software), if you're actually having viruses "slip through" even through a firewall and an antivirus.

I didn't mean you specifically I just see a lot of posts from people saying they have no AV, no malware scanner, they do no checks and yet say they are 100% sure they don't have viruses. As for the malware slipping in that is more with people clicking without thinking (happens a lot) since the system is only as safe as the person using it. The most secure system will fall if the person using it isn't paying attention and hits the wrong button.

Capaill said:

I like Leeky's comment about Samsung

Frankly, given the hate currently building against Apple, I'm surprised nobody is attacking them the way that Sony were attacked. I guess Apple have never given a reason to become a target but that may have recently changed.

I don't see any reason to target Linux, except maybe as a test. And I am also suspicious that the only crowd identifying the threat are also offering a way to remove it for money, as a Guest noted above.

Guest said:

Well as MAC and Linux gain more recognition of course more malware will be coming out.

I wouldn't be surprised if iOS malware becomes more common than windows eventually, given the popularity of iPhones.

In fact, smartphone viruses and malware will probably be the next big frontier for malware.

Anyone who believed Macs were more secure was fooling themselves, it's been proven a few times it was not the security of the system but the lack of interest that made for less malware targeted on those OSes.

Now that it's happening there's no need to gloat and say I told you so.

Guest said:

We need combofix that can run on Linux and Mac now

Punkid said:

@ Punkid: I don't think anybody with any system getting malware is cause for celebration and fan boy hate. Compared to Windows, Mac OS and Linux obviously have significantly less malware. Conversely, anyone who owned a Mac and thought they'd never get viruses were out of their minds too.

If you're on the Internet, get an antivirus and firewall.

I'm not celebrating :P . and yes, windows has more malware because of its popularity as Camikazi pointed out. Now that Linux and Mac OS are gaining popularity, malware has increased. The fact is, no OS is invulnerable as Apple made their customers believe, but I think they've changed some text on their website that no longer states that it's totally malware free...a move in the right direction :P
