Mac OS X

Boonana Trojan Horse For Mac OS X Spread Via Social Media

Posted by on Oct 27, 2010 | 10 Comments

There should be an image here!SecureMac has discovered a new trojan horse in the wild that affects Mac OS X, including Snow Leopard (OS X 10.6), the latest version of OS X. The trojan horse, trojan.osx.boonana.a, is spreading through social networking sites, including Facebook, disguised as a video. The trojan is currently appearing as a link in messages on social networking sites with the subject “Is this you in this video?”

When a user clicks the infected link, the trojan initially runs as a Java applet, which downloads other files to the computer, including an installer, which launches automatically. When run, the installer modifies system files to bypass the need for passwords, allowing outside access to all files on the system. Additionally, the trojan sets itself to run invisibly in the background at startup, and periodically checks in with command and control servers to report information on the infected system. While running, the trojan horse hijacks user accounts to spread itself further via spam messages. Users have reported the trojan is spreading through email as well as social media sites.

The java component of the trojan horse is cross-platform, and includes other files that affect Mac OS X as well as Microsoft Windows. There have been reports of similar behavior in recent trojan horses targeting Microsoft Windows, but they have not included cross-platform capabilities until now. The trojan attempts to hide its Internet communications and actions through obfuscated code spread through multiple files, and will attempt to contact additional command servers if the primary servers are unavailable.

This trojan horse is currently in the wild affecting users of both operating systems.

“This is a sobering reminder that hackers are turning their efforts toward Mac OS X as Apple’s marketshare grows, and users should be vigilant in protecting their computers and taking precautions when surfing the Web,” said Nicholas Ptacek, a security researcher at SecureMac.

SecureMac has released a free removal tool to eliminate this threat, which can be downloaded directly from this site.

Further updates on the status of this trojan horse can be found here, which will be updated as more information becomes available.

  • http://www.gavinroskamp.com/ Gavin Roskamp

    So in other words, don’t click on random links from your friends that claim you’re in a video. The same thing has happened with things like “OMG why is there a drunk pic of you on this site!?” in the past, but it has only been able to affect Windows. I would expect Apple to fix this vulnerability soon and we can put this one to rest.

  • Anonymous

    Google should keep working on security, simplicity, and speed…. what they do with all Google products anyways. I think the final versions of Google+ will look and work better than Facebook! Unless Facebook does an interface overhaul.. hmm.

    It just doesn’t seem that great right now, interface-wise… This is just from previews I’ve seen, of course. I wouldn’t know as I can’t access it yet… age limit..

  • http://www.facebook.com/mikokawasaki Miko Yoshida

    I love Facebook,I login daily especialy for play online game,from Facebook too I got many friends from arround the world,it made me fun and known that life is really meaningfull with manyfriends arround us.

  • http://twitter.com/n4cer Markus Zeller

    We’ll die… sooner or later…

  • David Baron

    That’s it. Microwaves. I remember doing reserve duty in an airport and the fluorescent lights glowed whether or not I turned on the switch. Microwaves are absorbed by water, that’s how microwave ovens cook, and we are mostly water. Power level is small but talking night and day, the new human form, hand and phone to ear?

    Nuke ‘em easy!

  • Anonymous

    Yet another rehash of a University press release. even the press release does not provide links to the actual research results – without this it’s just woo.

  • Anonymous

    Mobile telephones emit microwaves when transmitting. Don’t worry about Car stereos they only emit sound waves which are air pressure vibrations

  • http://www.facebook.com/profile.php?id=1201715378 Atoy Suarin

    I tried to make a video call however when I set it up there’s no “get’s started” button available instead, what’s showing is “Video calling will be available soon Please check back later.” Does anyone knows if there’s an alternative way to use it? Please help. Thank you.

  • http://chris.pirillo.com/ Chris Pirillo

    Not yet on Linux. :(

  • http://twitter.com/cjjmccray Chris McCray

    So it only “works for all browsers on your computer” if and only if your computer runs a Windows or Apple OS (it does work on Apple, doesn’t it – I’m using either Linux or Windows so can’t test). One day! One day I tell ya! These things will work everywhere one day…