New Java-Based Malware Targets Mac OS X, But Threat Level Disputed

135706 koobface alert
Security alert dialog box generated by malware's installation attempts

Yesterday, Mac antivirus firm SecureMac issued an alert regarding a new piece of malware capable of infecting systems running Mac OS X by using a trojan horse method of entry to deploy a Java-based payload enabling a wide variety of nefarious functions.

The trojan horse, trojan.osx.boonana.a, is spreading through social networking sites, including Facebook, disguised as a video. The trojan is currently appearing as a link in messages on social networking sites with the subject "Is this you in this video?"

When a user clicks the infected link, the trojan initially runs as a Java applet, which downloads other files to the computer, including an installer, which launches automatically. When run, the installer modifies system files to bypass the need for passwords, allowing outside access to all files on the system. Additionally, the trojan sets itself to run invisibly in the background at startup, and periodically checks in with command and control servers to report information on the infected system. While running, the trojan horse hijacks user accounts to spread itself further via spam messages. Users have reported the trojan is spreading through e-mail as well as social media sites.

Rival antivirus firm Intego responded with a notice of its own, downplaying the imminent threat from the malware due to the fact that it does not appear to be functioning as intended.

While Intego has evidence of several infections in the wild, we are not currently able to go beyond this step, as either the malicious malware has bugs preventing it from running correctly, or the servers it contacts are not active or are not serving the correct files.

Potentially, if it installs correctly, it functions the same as the Koobface worm running on Windows. It runs a local web server and an IRC server, acts as part of a botnet, acts as a DNS changer, and can activate a number of other functions, either through files initially installed or other files downloaded subsequently. It spreads by posting messages on Facebook, MySpace and Twitter, usually trying to get people to click a link to view some sort of video.

While this is an especially malicious piece of malware, the current Mac OS X implementation is flawed, and the threat is therefore low.

Both companies have conveniently noted that they offer products capable of identifying and eliminating the malware, although users without protection software should be alerted by the malware installation generating a Mac OS X dialog box regarding the attempted action.

Popular Stories

iOS 18

Here Are Apple's Full Release Notes for iOS 18.2

Thursday December 5, 2024 11:48 am PST by
Apple seeded the release candidate version of iOS 18.2 today, which means it's going to see a public launch imminently. Release candidates represent the final version of new software that will be provided to the public should no last minute bugs be found, and Apple includes release notes with the RC launch. The iOS 18.2 release notes provide a look at all of the new features that are coming...
New Things Your iPhone Can Do in iOS 18

20 New Things Your iPhone Can Do in iOS 18.2

Friday December 6, 2024 4:42 am PST by
Apple is set to release iOS 18.2 in the second week of December, bringing the second round of Apple Intelligence features to iPhone 15 Pro and iPhone 16 models. This update brings several major advancements to Apple's AI integration, including completely new image generation tools and a range of Visual Intelligence-based enhancements. There are a handful of new non-AI related feature controls...
iPhone 17 Slim Feature

iPhone 17 'Air' Expected to Be ~2mm Thinner Than iPhone 16 Pro

Friday December 6, 2024 4:07 pm PST by
In 2025, Apple is planning to debut a thinner version of the iPhone that will be sold alongside the iPhone 17, iPhone 17 Pro, and iPhone 17 Pro Max. This iPhone 17 "Air" will be about two millimeters thinner than the current iPhone 16 Pro, according to Bloomberg's Mark Gurman. The iPhone 16 Pro is 8.25mm thick, so an iPhone 17 that is 2mm thinner would come in at around 6.25mm. At 6.25mm,...
Generic iOS 18

Apple Seeds Second Release Candidate Versions of iOS 18.2 and More With Genmoji, Image Playground and ChatGPT Integration

Monday December 9, 2024 10:06 am PST by
Apple today seeded the second release candidate versions of upcoming iOS 18.2, iPadOS 18.2, and macOS 15.2 updates to developers and public beta testers for testing purposes, a week after releasing the first RCs. The first iOS 18.2 RC had a build number of 22C150, while the second RC's build number is 22C151. Release candidates represent the final version of beta software that's expected to see a ...
iPhone 14 Pro Display Two Times Brighter Feature

Every Display Upgrade Rumored for Apple's iPhone 17

Friday December 6, 2024 5:14 am PST by
Apple's next-generation iPhone 17 lineup may bring some of the most significant display improvements we've seen in recent years. While the iPhone 17 series isn't expected until late 2025, multiple rumors suggest Apple is working on substantial screen upgrades across its entire smartphone range. From enhanced refresh rates to advanced materials and improved power efficiency, these display...
airpods pro 2 gradient

AirPods Pro 3 Expected Next Year: Here's What We Know

Thursday November 28, 2024 3:30 am PST by
Despite being released over two years ago, Apple's AirPods Pro 2 continue to dominate the wireless earbud market. However, with the AirPods Pro 3 expected to launch sometime in 2025, anyone thinking of buying Apple's premium earbuds may be wondering if the next generation is worth holding out for. Apart from their audio and noise-canceling performance, which are generally regarded as...
iCloud General Feature

Apple Defeats Lawsuit Related to iCloud's Measly 5GB of Free Storage

Friday December 6, 2024 7:43 am PST by
The U.S. Court of Appeals for the Ninth Circuit this week upheld a lower court's dismissal of a lawsuit alleging that Apple illegally deceived customers into paying for iCloud storage, according to a court filing. The decision was reported by Law360. The lawsuit alleged that Apple deceived customers into purchasing iCloud-enabled devices by misleading customers into believing that they can...
top stories 7dec2024

Top Stories: iOS 18.2 Coming Soon, iPhone 17 Rumors, and More

Saturday December 7, 2024 6:00 am PST by
2024 is rapidly drawing to a close, but Apple isn't quite done with releases for the year as iOS 18.2 and related operating system updates are arriving very shortly. Apple Intelligence is a major focus for these updates, but there are some other tweaks and improvements arriving for all users. Looking toward hardware rumors, discussion continues around Apple's work on a foldable iPhone, an...