Print 117 comment(s) - last by JKflipflop98.. on Nov 6 at 8:52 PM

Mac users are now at risky of getting a nasty virus.  (Source: Listmania)

If it you approve, you are a sad noob, and your Mac is infected.  (Source: Intego)
Mac: Hi PC, I'm not feeling so hot today... PC: Oh, I know ALL about that. I think you have a virus!

Security experts by and large agree that security via obscurity is not a wise model for protecting customers over the long term.  That's exactly the model Apple has employed successfully for some time now.  However, its luck finally appears to be running short.

Hot on the heels of a newly discovered iOS exploit that allows access to locked iPhones, new reports [1] [2] from security research firms 
SecureFirm and Intego reveals that a new trojan is targeting Mac users using a vulnerability in OS X's Java player.

According to the 
Intego report the new malware, trojan.osx.boonana.a, is really a reworked version of the Koobface malware, which has attacked Windows in the past.  The malware acts as a worm when it spreads and as a trojan when it is infecting your computer.

Users may encounter the worm via links posted on Facebook, MySpace, Twitter, and other websites.  When clicking the link, the applet attempts to run.  Users can stop the infection before it starts by denying the applet permission to run when OS X's Java player pops up a dialogue.

If they allow the applet to run, they may get another warning if they have a Mac antispyware program like VirusBarrier X6’s Anti-Spyware installed.  If they don't get the warning, or choose to disregard it, the applet will attempt to make a connection with a remote server and installs a rootkit, backdoor, command and control, and other elements.  These files are copied to an invisible folder -- .jnana -- in the user's home directory.

If the virus is allowed to carry out its infection process, the unsuspecting Mac user may find themselves part of a botnet.  When they log on social networks, the virus will post links to spread the infection.  It may also send spam e-mail via their logged-in accounts

Other variants of this virus target Windows and Linux, making it a rare true cross-platform virus.  All these viruses share the fact that they use the Java player as a route of attack.  According to 
Intego, other OS X-specific versions of the virus have shown up, but most are broken or try to connect to offline servers.

The malware could become potentially more dangerous in the future if it is able to eliminate the warnings from the Java player and/or change the name/location of the infection directory, making it hard for virus removal software to find it.

While it does not appear that this virus takes advantage of any unique flaws in Apple's version of Java, some security experts say that Apple's Java player may have more vulnerabilities than Window's.  That's because Apple makes its own Java player, which according to an e-mailreportedly attributed to Apple Chief Executive Steve Jobs, is always a version behind the official Linux/Windows builds from Sun and Oracle.

Apple is reportedly considering ditching its Java player in future versions of OS X, such as OS X 10.7 "Lion".  Similarly it's considering rejecting Flash, another multimedia web technology.  Ultimately these efforts may eliminate some routes of attack, but now that Apple is being targeted it must realize -- there is 
always a back door.


Comments     Threshold

This article is over a month old, voting and posting comments is disabled

By nowhereman95 on 10/29/2010 12:15:22 PM , Rating: 2
Just an observation, but for such a small and worthless community of users running a candy-coated OS with a picayune marketshare, the Mac seems to stir not an inconsiderable amount of feeling here, as witnessed by the number of comments. Rather like an elephant being hot and bothered by an insect. Seems rather bizarre that all of this outpouring is devoted to a virus/trojan, whatever that infects a system that was declared dead over a decade ago.

Honestly, why does anyone on this site even care?

As for the malware and viruses, many of these are being developed by the same people who work for security firms that sell the AV software (white hat by day, black hat by night - no points for guessing which hat garners the most money). That software (mal or otherwise) is simply going to follow the money. If any platform proves to be a lucrative target, that is where the software is targeted. Given that no one really uses Macs (except the moronic according to more than one poster above), the likelihood that it was targeted per se seems remote; and that, as someone stated, this was a cross-platform trojan for which the Mac was collateral damage.

RE: observation
By Autisticgramma on 10/29/2010 3:01:04 PM , Rating: 2
Your absolutely dead on about the insect and the elephant, proof is in the user base. However like American politics, the marketing plan appears to be constant blaring repetition until we're beaten into complete submission or rejection.

Until the Mac sees enough market share to get its own blaster worm, the raging flame war will continue. So if you own a mac buy another and give your old one to your friend who always wanted one. Its the only to prove the windows geeks right. :) I will however be dumping my apple stock at the end of the year. Apple is approaching the peak in its perpetual cycle of: OMG we did this cool thing (if you disagree nerd, your a nerd), squeezing it until it dies, then crying for grampa steve to lead them to the new oasis of WTF. My only real wonder is what will happen when the other organs start to fail around the new liver. The name Ipad makes me wonder just how long grampa steve has.

"Nowadays, security guys break the Mac every single day. Every single day, they come out with a total exploit, your machine can be taken over totally. I dare anybody to do that once a month on the Windows machine." -- Bill Gates

Most Popular ArticlesAre you ready for this ? HyperDrive Aircraft
September 24, 2016, 9:29 AM
Leaked – Samsung S8 is a Dream and a Dream 2
September 25, 2016, 8:00 AM
Yahoo Hacked - Change Your Passwords and Security Info ASAP!
September 23, 2016, 5:45 AM
A is for Apples
September 23, 2016, 5:32 AM
Walmart may get "Robot Shopping Carts?"
September 17, 2016, 6:01 AM

Copyright 2016 DailyTech LLC. - RSS Feed | Advertise | About Us | Ethics | FAQ | Terms, Conditions & Privacy Information | Kristopher Kubicki