SecureMac Alerts Mac Users to New Trojan Horse
SecureMac, a site devoted to Mac OS X security, claims to have discovered a new Trojan Horse in the wild that could cause problems for anyone running a Mac.
The Trojan Horse dubbed trojan.osx.boonana.a is reportedly spreading through popular social networking sites including Facebook, disguised as a video.
The Trojan appears as a link in messages on social networking sites with the subject "Is this you in this video?" When run, the installer modifies system files to bypass the need for passwords reports SecureMac.
"When a user clicks the infected link, the Trojan initially runs as a Java applet, which downloads other files to the computer, including an installer, which launches automatically," the website notes.
"When run, the installer modifies system files to bypass the need for passwords, allowing outside access to all files on the system. Additionally, the Trojan sets itself to run invisibly in the background at start-up, and periodically checks in with command and control servers to report information on the infected system. While running, the Trojan Horse hijacks user accounts to spread itself further via spam messages."
SecureMac adds users have reported the Trojan is also spreading through email as well as social media sites.
"The Trojan attempts to hide its internet communications and actions through obfuscated code spread through multiple files, and will attempt to contact additional command servers if the primary servers are unavailable."
SecureMac has released a free removal tool, which promises to eliminate the threat, along with advice on avoiding the threat on the company's website.
"Users can protect themselves from infection by turning off Java in their web browser. This can be accomplished in Safari by clicking the Security tab under Safari Preferences, and making sure the "Enable Java" checkbox is unchecked," SecureMac insists.
SecureMac offers MacScan, which claims to quickly detect, isolate and remove malware from Mac computers using both real-time spyware definition updating and "unique detection" methods.