Feeds

Notorious Koobface worm ported to Mac OS X

Lame, but still worth watching

Beginner's guide to SSL certificates

Security researchers say they've been monitoring a Mac OS X version of the notorious Koobface worm, which uses advanced rootkit techniques to stealthily hijack infected machines.

Although the Mac version isn't yet ready for prime time, it is nonetheless a sophisticated piece of software that developers put a fair amount of effort into implementing. It was designed to use Oracle's Java framework to infect not just Macs, but Linux and Windows machines as well, according to Mac antivirus provider Intego. Once installed, the malware gives attackers complete control over the computer.

“While this is an especially malicious piece of malware, the current Mac OS X implementation is flawed, and the threat is therefore low,” Intego researchers wrote in a blog post published Wednesday. “However, Mac users should be aware that this threat exists, and that it is likely to be operative in the future, so this Koobface Trojan horse may become an issue for Macs.”

For that to happen, attackers will probably have to figure out how to bypass a window OS X prominently displays warning that a self-signed Java applet is requesting access to the computer. Assuming they do, or are able to trick users into clicking “Allow” anyway, they will also need to resolve issues preventing the downloaded files from installing.

Those are high hurdles. But Koobface's considerable success on Windows shows just how gullible many marks are when it comes to scams promising free videos.

Once installed, the downloaded files are stored in an invisible folder and give the infected Mac the ability to run a local webserver or IRC server and to act as an DNS changer.

Intego is calling the malware OSX/Koobface.A, while SecureMac, which also blogged about the attack, calls it trojan.osx.boonana.a. ®

Top 5 reasons to deploy VMware with Tegile

Whitepapers

Choosing cloud Backup services
Demystify how you can address your data protection needs in your small- to medium-sized business and select the best online backup service to meet your needs.
Forging a new future with identity relationship management
Learn about ForgeRock's next generation IRM platform and how it is designed to empower CEOS's and enterprises to engage with consumers.
Designing and building an open ITOA architecture
Learn about a new IT data taxonomy defined by the four data sources of IT visibility: wire, machine, agent, and synthetic data sets.
10 threats to successful enterprise endpoint backup
10 threats to a successful backup including issues with BYOD, slow backups and ineffective security.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?