A new piece of malware targeting Macs and Linux-based systems is causing a world of trouble for those in its path. Wirenet.1 is responsible for stealing passwords stored in browsers like Chrome, Chromium, Firefox and Opera. Furthermore, it’s able to obtain passwords from popular applications including SeaMonkey, Pidgin and Thunderbird. Even if you don’t use any of the above mentioned software, you’re still in danger as a keylogger is bundled in the payload.
The outbreak was just recently detected meaning there are still multiple pieces of the puzzle missing. It’s unknown how the malware is being spread but Russian anti-virus company Dr. Web says the malicious code installs itself into the user’s home directory under the name WIFIADAPT.
There are some steps that can be taken right away if you think you could be infected. Dr. Web is quick to point out that their anti-virus software will keep you protected (for a fee, of course). Another option is to simply disable communication with the control server used by the code’s author. In this case, blocking communication with IP address 126.96.36.199 should do the trick.
The malware further highlights a growing trend to target operating systems with a smaller install base – basically anything other than Windows – that were once thought to be more secure. The most popular Trojan to affect a non-Windows system was Flashback, a modified version of the BackDoor.Flashback.30 variant first discovered by Dr. Web in April 2012. This code found its way to more than 600,000 Mac computers.