New Java-Based Malware Targets Mac OS X, But Threat Level Disputed


Security alert dialog box generated by malware's installation attempts

Yesterday, Mac antivirus firm SecureMac issued an alert regarding a new piece of malware capable of infecting systems running Mac OS X by using a trojan horse method of entry to deploy a Java-based payload enabling a wide variety of nefarious functions.

The trojan horse, trojan.osx.boonana.a, is spreading through social networking sites, including Facebook, disguised as a video. The trojan is currently appearing as a link in messages on social networking sites with the subject "Is this you in this video?"

When a user clicks the infected link, the trojan initially runs as a Java applet, which downloads other files to the computer, including an installer, which launches automatically. When run, the installer modifies system files to bypass the need for passwords, allowing outside access to all files on the system. Additionally, the trojan sets itself to run invisibly in the background at startup, and periodically checks in with command and control servers to report information on the infected system. While running, the trojan horse hijacks user accounts to spread itself further via spam messages. Users have reported the trojan is spreading through e-mail as well as social media sites.

Rival antivirus firm Intego responded with a notice of its own, downplaying the imminent threat from the malware due to the fact that it does not appear to be functioning as intended.

While Intego has evidence of several infections in the wild, we are not currently able to go beyond this step, as either the malicious malware has bugs preventing it from running correctly, or the servers it contacts are not active or are not serving the correct files.

Potentially, if it installs correctly, it functions the same as the Koobface worm running on Windows. It runs a local web server and an IRC server, acts as part of a botnet, acts as a DNS changer, and can activate a number of other functions, either through files initially installed or other files downloaded subsequently. It spreads by posting messages on Facebook, MySpace and Twitter, usually trying to get people to click a link to view some sort of video.

While this is an especially malicious piece of malware, the current Mac OS X implementation is flawed, and the threat is therefore low.

Both companies have conveniently noted that they offer products capable of identifying and eliminating the malware, although users without protection software should be alerted by the malware installation generating a Mac OS X dialog box regarding the attempted action.

Top Stories

Samsung Mocks Apple for Ditching Power Adapters With iPhone 12 Lineup

Thursday October 15, 2020 11:51 am PDT by
Samsung on its social channels is mocking Apple for removing the power adapter from the iPhone 12 lineup and other iPhone models, pointing out the fact that the Samsung Galaxy smartphones continue to ship with a power adapter. "Included with your Galaxy," reads a Samsung Facebook post that features a picture of a power adapter. Apple notably is no longer providing power adapters or...

iPhone 12 Pro Pre-Orders Already Selling Out With Delivery Times Pushing Into November

Friday October 16, 2020 6:35 am PDT by
Apple today opened pre-orders for the 6.1-inch models of the iPhone 12 and iPhone 12 Pro through its website and the Apple Store app, and estimated delivery times are already slipping into November for select configurations in the United States. Customers ordering a SIM-free/Pacific Blue/128GB version of the iPhone 12 Pro, for example, are already facing an estimated delivery window of...

HomePod Mini Cable is Non-Detachable, Ends With USB-C Connector for Use With Included 20W Power Adapter

Friday October 16, 2020 12:45 pm PDT by
While not detailed in the tech specs, MacRumors can confirm that Apple's new HomePod mini features a non-detachable power cable that ends with a USB-C connector for use with the 20W power adapter included in the box. With the switch to USB-C, the HomePod mini could potentially be powered by a wider range of devices and peripherals, ranging from MacBooks to USB-C battery packs with enough...

Apple's New MagSafe Charger and Cases Begin Arriving to Customers

Saturday October 17, 2020 10:10 am PDT by
Apple's new MagSafe charger and cases have begun arriving to some customers earlier than expected, and images of the accessories have started to surface on Twitter. The photos provide a first look at the products in real-world use. As of writing, some MagSafe cases are also available for pickup at select Apple Stores in countries like the United States, Canada, and Germany. Filip...

New Google App Feature Lets You Hum a Song to Search for It

Saturday October 17, 2020 4:05 am PDT by
Google has added a new feature to its Search app that allows you to hum a song that's stuck in your head, and then use the company's machine learning algorithm to try and identify it. In the Google app or using the Google Search widget, tap the mic icon and say "what's this song?" or click the "Search a song" button. Then start humming the tune for 10-15 seconds. When you're done, the...

Brazilian Certifications Suggest iPhone 12 Mini Features 2,227mAh Battery and iPhone 12 Has 2,815mAh Battery

Friday October 16, 2020 1:08 pm PDT by
Apple's iPhone mini has the shortest battery life out of all the iPhones in the iPhone 12 lineup due to its small size, but Apple has not provided public information about the battery's capacity. A regulatory filing from Brazil, however, suggests the iPhone 12 mini has a battery capacity of 2,227mAh. The same regulatory information says the iPhone 12 features a 2,815mAh battery, which is...

Apple Offering Free AirPods With iPhone 11 Purchase in India as Part of Diwali Celebration

Friday October 16, 2020 12:35 pm PDT by
Apple today launched a new Diwali promotion in India that will see the company providing customers with a set of AirPods with the purchase of any iPhone 11 model. The new iPhone 12 models are not part of the promotion. Apple is offering the standard AirPods With Charging Case free with purchase, but customers can choose to upgrade to the AirPods with Wireless Charging Case or the AirPods Pro....

Apple Event to Unveil First Apple Silicon Macs Could Happen on November 17

Friday October 16, 2020 2:24 am PDT by
Apple will hold another digital event on November 17 to announce its first Apple Silicon powered Macs, according to frequent leaker Jon Prosser. Apple has already said that this year it intends to introduce the first Mac powered by an Apple Silicon chip instead of an Intel processor. One thing it hasn't revealed is the date it will be announced. According to Prosser's source, that date is No...

Apple Online Store Down Ahead of iPhone 12 and 12 Pro Pre-Orders

Thursday October 15, 2020 11:15 pm PDT by
Apple's online store is down ahead of iPhone 12 and iPhone 12 Pro pre-orders, which are set to begin at 5:00 a.m. Pacific Time in the United States. "You're... early," reads the Apple Store message when attempting to visit the U.S. website. "Pre-order begins at 5:00 a.m. PDT. Enjoy the extra sleep." Apple used to do new device pre-orders at 12:01 a.m. Pacific Time, but since last year, has...

When You Can Pre-Order the iPhone 12 and 12 Pro in Every Time Zone

Thursday October 15, 2020 10:55 am PDT by
Pre-orders for the iPhone 12 and the iPhone 12 Pro are set to kick off on Friday, October 16 at 5:00 a.m. Pacific Time, which is a new launch time that Apple adopted as of last year. Apple is planning to make the new devices available in multiple countries around the world simultaneously, so we've made a guide to let MacRumors readers know when pre-orders will in their country. Pre-orders...