New Java-Based Malware Targets Mac OS X, But Threat Level Disputed

135706 koobface alert
Security alert dialog box generated by malware's installation attempts

Yesterday, Mac antivirus firm SecureMac issued an alert regarding a new piece of malware capable of infecting systems running Mac OS X by using a trojan horse method of entry to deploy a Java-based payload enabling a wide variety of nefarious functions.

The trojan horse, trojan.osx.boonana.a, is spreading through social networking sites, including Facebook, disguised as a video. The trojan is currently appearing as a link in messages on social networking sites with the subject "Is this you in this video?"

When a user clicks the infected link, the trojan initially runs as a Java applet, which downloads other files to the computer, including an installer, which launches automatically. When run, the installer modifies system files to bypass the need for passwords, allowing outside access to all files on the system. Additionally, the trojan sets itself to run invisibly in the background at startup, and periodically checks in with command and control servers to report information on the infected system. While running, the trojan horse hijacks user accounts to spread itself further via spam messages. Users have reported the trojan is spreading through e-mail as well as social media sites.

Rival antivirus firm Intego responded with a notice of its own, downplaying the imminent threat from the malware due to the fact that it does not appear to be functioning as intended.

While Intego has evidence of several infections in the wild, we are not currently able to go beyond this step, as either the malicious malware has bugs preventing it from running correctly, or the servers it contacts are not active or are not serving the correct files.

Potentially, if it installs correctly, it functions the same as the Koobface worm running on Windows. It runs a local web server and an IRC server, acts as part of a botnet, acts as a DNS changer, and can activate a number of other functions, either through files initially installed or other files downloaded subsequently. It spreads by posting messages on Facebook, MySpace and Twitter, usually trying to get people to click a link to view some sort of video.

While this is an especially malicious piece of malware, the current Mac OS X implementation is flawed, and the threat is therefore low.

Both companies have conveniently noted that they offer products capable of identifying and eliminating the malware, although users without protection software should be alerted by the malware installation generating a Mac OS X dialog box regarding the attempted action.

Popular Stories

Apple Glass

Apple Smart Glasses: Everything We Know So Far

Wednesday May 21, 2025 8:21 am PDT by
Google recently made waves by showcasing a set of lightweight smart glasses featuring deep Gemini integration and an optional in-lens display. The demo has reignited interest in Apple's own smart glasses project, which has been the subject of rumors for nearly a decade. Here's a recap of where things stand. Current Development Status Apple is actively working on new chips specifically...
Apple Glasses Purple Feature

Apple Smart Glasses Launching in 2026

Thursday May 22, 2025 12:22 pm PDT by
Apple is planning to launch a set of smart glasses by the end of 2026, reports Bloomberg. The glasses will be comparable to the Meta Ray-Bans and the Android XR glasses that Google showed off earlier this week. Apple's smart glasses are expected to include cameras, microphones, and AI capabilities, much like the Meta Ray-Bans. The glasses will be able to take photos, record video, provide...
Apple CarPlay Ultra instrument cluster themes 01

Apple's CarPlay Ultra Is Here – Does Your iPhone Support It?

Thursday May 15, 2025 5:17 am PDT by
Apple's recently announced CarPlay Ultra promises a deeply integrated in-car experience, but not all iPhone users will be able to take advantage of the new feature. According to Apple's press release, CarPlay Ultra requires an iPhone 12 or later running iOS 18.5 or later. This means if you're using an iPhone 11, iPhone XR, or any older model, you'll need to upgrade your device to access...
maxresdefault

OpenAI Buys Jony Ive's AI Startup to 'Completely Reimagine What It Means to Use a Computer'

Wednesday May 21, 2025 10:27 am PDT by
OpenAI is acquiring io, the hardware-based AI startup co-created by Jony Ive, OpenAI announced today. Ive has been working with OpenAI CEO Sam Altman on io for two years, and the duo expects to develop a family of AI devices. In a video shared by OpenAI, Altman and Ive outlined their partnership and what they expect to create as a result of the merger. "I have a growing sense that everything ...
WWDC 2025 Banner

Apple Announces WWDC 2025 Schedule, Including Keynote Time

Tuesday May 20, 2025 8:13 am PDT by
Apple today announced a more detailed schedule for its annual developers conference WWDC, which runs from June 9 through June 13. The schedule confirms that Apple's keynote will begin on Monday, June 9 at 10 a.m. Pacific Time, with a live stream to be available on Apple.com, in the Apple TV app, and on YouTube. During the keynote, Apple is expected to announce iOS 19, iPadOS 19, macOS 16,...
iPod shuffle generations

Kuo: Jony Ive's Futuristic OpenAI Device Like a Neck-Worn iPod Shuffle

Thursday May 22, 2025 8:05 am PDT by
The big news in the technology world this week is that ChatGPT maker OpenAI is working more closely with Apple's former design chief Jony Ive on a futuristic AI device. The company is remaining tight lipped about the device, but Apple supply chain analyst Ming-Chi Kuo has shared some alleged details about its design. In a social media post today, Kuo said the device will be "slightly larger" ...
macOS 16 visionOS Inspired Feature 1

macOS 16: Everything We Know So Far

Tuesday May 20, 2025 7:31 am PDT by
The Worldwide Developers Conference (WWDC), Apple's annual developer and software-oriented event, is less than three weeks away. We haven't heard a great deal about macOS 16 ahead of its announcement this year, so we could be in for some major surprises when June 9 rolls around. Here's what we know so far about the next major update to Apple's Mac operating system. macOS 16 Name? Every year ...