A new Trojan horse that not only affects Windows, but Mac OS X as well, has appeared on social networking sites (including Facebook), primarily disguised as a video. When users click an infected link along the lines of "Is this you in this video?", a Java applet downloads multiple files, including an installer that runs automatically without the user's knowledge. The malware also bypasses the usual password verification OS X requires for installation.
Dubbed trojan.osx.boonana.a by SecureMac, it launches automatically on startup, communicates with command and control servers, and can also crack user accounts on other sites to continue infecting others. The security firm notes that it can spread itself to both Mac OS X and Windows, explaining that recent reports of similar Trojan horses targeted Windows, but did not included cross-platform capabilities.
Microsoft recently published data showing an "unprecedented wave" of Java malware exploits during the third quarter of this year. As we've already argued before, Java is on Apple's kill list, and we think security could be the primary reason.
Disabling Java in your browser can help you avoid infection and for those already infected, SecureMac has created a free removal tool. "This is a sobering reminder that hackers are turning their efforts toward Mac OS X as Apple's marketshare grows, and users should be vigilant in protecting their computers and taking precautions when surfing the web," Nicholas Ptacek, a security researcher at SecureMac, said in a statement.