Boonana trojan horse attacks Mac OS X

October 27th, 2010 at 1:58 PM  No Comments

Mac’s don’t get viruses, right? Wrong. SecureMac is warning of a new trojan marked “trojan.osx.boonana.a” that affects all versions of Mac OS X including the latest version of Snow Leopard. In typical non-creative fashion, the virus is spreading through social networking sites disguised as a video.

When a user clicks the infected link, the trojan initially runs as a Java applet, which downloads other files to the computer, including an installer, which launches automatically. When run, the installer modifies system files to bypass the need for passwords, allowing outside access to all files on the system. Additionally, the trojan sets itself to run invisibly in the background at startup, and periodically checks in with command and control servers to report information on the infected system. While running, the trojan horse hijacks user accounts to spread itself further via spam messages. Users have reported the trojan is spreading through e-mail as well as social media sites.

Because the exploit is Java based, it’s cross platform, meaning this also can hit Windows users. However, given any self respecting Windows user is/should be running a decent anti-virus program their exposure should be more limited. This is one of the first cross platform virues, but not the first for the Mac. As SecureMac points out, as Apple’s marketshare grows their exposure to virus and other malware attack vectors increase.

The easy way to protect yourself from this attack is, not to click stupid links. However, turning off Java inside your browser unless you need it is another recommended method. SecureMac has released a free removal tool to eliminate this threat, which can be downloaded directly from their website.