Security Alert: New Trojan Horse on Mac OS X Spread Through Social Networks
It's not often that you hear of a virus for the Mac, but according to a Secure Mac security bulletin, a new trojan virus has been detected on the Mac. The bulletin notes that the virus is spread through social networking websites like Facebook and is disguised as a video.
The trojan called "trojan.osx.boonana.a" has been wreaking havoc on both Windows and Mac platforms.
Secure Mac says, "When a user clicks the infected link, the trojan initially runs as a Java applet, which downloads other files to the computer, including an installer, which launches automatically. When run, the installer modifies system files to bypass the need for passwords, allowing outside access to all files on the system. Additionally, the trojan sets itself to run invisibly in the background at startup, and periodically checks in with command and control servers to report information on the infected system. While running, the trojan horse hijacks user accounts to spread itself further via spam messages. Users have reported the trojan is spreading through e-mail as well as social media sites."
This is a cross-platform virus due to the Java code that can be executed on both Windows and Mac operating systems. Secure Mac gives us some tips for protecting your computer from this virus. The first tip is to turn off Java execution in your web browser. You can do this in Safari by navigating to Safari > Preferences > Security Tab and unchecking the "Enable Java" checkbox.
Additional tips from Secure Mac includes:
1. Watch where you surf. By sticking with safe, well-known websites, you will be less likely to visit a site that will attempt to infect you with a trojan horse. Be especially careful when surfing to links included in messages on social media sites, even if they come from a friend.
2. Watch what you download. Download files only from trusted sources and safe sites.
3. Use security features in OS X. Turn on the built-in Firewall, and consider security software, especially when a computer is shared by multiple users.
If you believe your Mac is infected with this virus, you can download and run the free removal tool from Mac Scan on the Secure Mac website. You can also read more about this virus on that website.
Follow this article's author, Cory Bohon on Twitter.
Related Articles
jsngrantz
October 27, 2010 at 6:06pm
How can I disable Java in Chrome? Also is there anyway to tell if a computer has been infected with out needlessly downloading software from secure mac? I have ClamXav which I run occasionally and while I do go on social networking sites, I rarely watch videos on them though. I am also interested to know if this would prompt the administrator password or somehow be able to bypass it? The way my mac is set up, nothing downloads with out me approving it by typing in my administrator info.
corybohon
October 27, 2010 at 7:42pm
You can disable Java in Google Chrome by doing the following few steps:
1. opening up the browser and navigating to "about:plugins"
2. Find the plugin labeled "Java"
3. Click the disable link that appears underneath the description
This will disable the Java execution functionality in Chrome.
I'm not really sure if or how the virus will get around an administrator entering their password. I assume that because Java code can be executed from the browser without the administrator entering their password, this may be how the virus is getting around it.
MacAddict4Life
October 27, 2010 at 4:51pm
Does the installer prompt for an administrator password? Shouldn't it have to to be able to make changes at this level?
confused155
October 27, 2010 at 2:19pm
Should Enable Javascript still be checked? I bought a mac just like many others for the very reason that there are very few viruses that can infect the mac.
corybohon
October 27, 2010 at 2:34pm
JavaScript should be fine. Because the names are similar, many people confuse the two, but JavaScript doesn't have anything to do with Java. JavaScript, rather, is a web programming language that works with CSS and HTML to provide things on websites like some buttons, video embedding, etc.
So, Java should be unchecked, but JavaScript should remain checked if you still want the web features associated with it.
For more information about JavaScript visit http://en.wikipedia.org/wiki/JavaScript and for more information on Java visit http://en.wikipedia.org/wiki/Java_(programming_language)
Hope this helps!
Connect with Mac|Life
Featured Content
10 television shows that feature our favorite Apple products.
Keep in mind that iTunes and Amazon will sell you entire seasons, which last longer...
Whether it's learning how to use the application or importing third-party calendars...
In This Month's Issue
Feature
Review
Create
Latest Mac|Life Tweets
- MacLife: Review: Sonic the Hedgehog 4 Episode II, universal for iPhone and iPad. So frustrating! http://t.co/UwBjm1Qx1 day 2 hours ago
- MacLife: Lights, Camera, Apple! So many Macs, iPhones, and iPads on TV. http://t.co/JPJ7fBVK1 day 3 hours ago
- MacLife: In this week's Law & Apple, Samsung's bizarre "anti-fanboy" defense, and Apple has a tough time in Delaware. http://t.co/oVwi51Yp1 day 3 hours ago
- MacLife: Mint's iOS app added budgeting and split transactions. Do you track your finances on an iPhone/iPad? http://t.co/c4AgVI4w1 day 4 hours ago
- MacLife: IBM blocks Siri, iCloud, and Drobpox on its employees' iPhones. Drag. But understandable too, right? http://t.co/ojuiYxiS1 day 5 hours ago
