New Java malware attacks Apple's OS X along with Windows, Linux

This is a discussion on New Java malware attacks Apple's OS X along with Windows, Linux within the Mac OS X forums, part of the Mac Software category; A new form of browser-based cross-platform malware can give hackers remote access to computers running Apple's OS X, Microsoft's Windows, and even Linux. The multi-platform ...

Results 1 to 4 of 4
  1. #1
    Administrator
    Join Date
    Jul 2011
    Location
    Northern Michigan
    Posts
    25,446
    Member #
    1529
    Liked
    316 times

    New Java malware attacks Apple's OS X along with Windows, Linux



    A new form of browser-based cross-platform malware can give hackers remote access to computers running Apple's OS X, Microsoft's Windows, and even Linux.

    The multi-platform backdoor malware was disclosed this week by security firm F-Secure. It was originally discovered on a Colombian Transport website, and relies on social engineering to trick users into running a Java Archive file, meaning it is not likely to be a major threat.

    However, its cross-platform design is unique. If users grant permission to the Java Archive, the malware will secretly determine whether the user is running a Mac, a Windows PC, or a Linux machine. When running on a Mac, the malware will remotely connect to an IP address through port 8080 to obtain additional code to execute.

    Anti-virus maker Sophos said on Wednesday that the new malware has the potential to affect a higher number of people because of its multi-platform strategy. Typically, malware and viruses target Windows PCs, as they represent the overwhelming majority of computers.

    "Once it has found out which operating system you are running, the Java class file will download the appropriate flavor of malware, with the intention of opening a backdoor that will give hackers remote access to your computer," explained Graham Cluley, senior technology consultant with Sophos.

    On a Mac, the new malware is defined as "Backdoor:OSX/GetShell.A. According to F-Secure, it is a PowerPC binary, which means users running a modern, Intel-based Mac must also have Rosetta installed.

    While rare, cross-platform malware attacks are not unheard of. In 2010, a Trojan known as "trojan.osx.boonana.a" was a Java-based exploit that affected both Macs running OS X, as well as Windows PCs.

    As Apple's Mac platform has grown in popularity and outpaced the PC market as a whole, the OS X platform has become a bigger target for hackers. Last month, Apple opted to tone down promotional language on its website that once claimed the Mac "doesn't get PC viruses." Apple's website now says that OS X is "built to be safe."

    That change was made just a few months after more than 600,000 Macs were estimated to have been infected by a trojan horse named "Flashback." More than half of the Macs believed to be infected by the botnet were found in the U.S. alone before Apple aggressively released a series of software updates to quash the malware.


    7-11-12

    Source

  2. Ads

    Posts
    Many

  3. #2
    Administrator
    Join Date
    Jul 2011
    Location
    Northern Michigan
    Posts
    25,446
    Member #
    1529
    Liked
    316 times

    New Java Update for Mac OS X Resolves Potential Security Threat



    Apple has released an update to Java aimed at addressing the recently discovered security issue that could impact some Mac users. The update, dubbed “Java for OS X 2012-005″, is available for users of Mac OS X 10.6, 10.7, and 10.8. All Mac users eligible for the update are recommended to install it.

    You can download the Java update through Software Update, the Mac App Store, or directly from Apple. OS X Lion and Mountain Lion onward do not automatically bundle Java, meaning if you don’t see a Java update available you don’t have it installed on your Mac. If you did manually install Java yourself, you will see the update available though.

    Apple describes the update as follows:

    Java for OS X 2012-005 delivers improved security, reliability, and compatibility by updating Java SE 6 to 1.6.0_35.

    This update configures the Java plug-in to deactivate when no applets are run for an extended period of time. If the prior update named “Java for OS X 2012-004″ was not installed, this update will disable the Java web plug-in immediately. Java applets may be re-enabled by clicking the region labeled “Inactive plug-in” on a web page.

    Please quit any web browsers and Java applications before installing this update.

    Last week, Oracle released a Java 7u7 update to patch the problem for SE 7 as well. The updates from Apple address security issues for both Java 6 and Java 7.


    9-5-12

    osxdaily.com

  4. #3
    Member
    Join Date
    Sep 2012
    Posts
    70
    Member #
    4129
    Liked
    1 times
    Dear Administrator,

    Should we break the ice now that Macs don't get infected with trojans? Or shall we still live in the stereotype. I belive most of us would consider a Mac safer (only when compared to PC). Are we not relaxing too much upon virus infections. I would like to share the list of viruses that infected Mac during the last two decades. I also think Hackers have taken up this as a challenge to infect Macs and trust me they have started fine.

    New Java malware attacks Apple's OS X along with Windows, Linux-sophos.com.png

    Image Provided by Sophos.com

  5. #4
    Administrator
    Join Date
    Jul 2011
    Location
    Northern Michigan
    Posts
    25,446
    Member #
    1529
    Liked
    316 times
    No arguments with me.

    If you read my posts, I personally never said Macs are not vulnerable, just
    a matter of time, there are to few of us desktop users for the hackers to write hacks.

    That said, what hacker wouldn't love to be the first to crash a Mac system??

    That is the weird answer I don't have. Thought by now....


    Sent from my iPhone 4 via TapaTalk
    Mac Pro '08
    2013 27" iMAC. 10.11.4 32g
    Apple Server Beta
    iPad Pro
    Ipad1, 3 and iPad Air 7.1. Ipod2, 4s. iPhone 5 - IOS 8.2-- Apple Tv 4th Gen.
    ADC Member and Beta Tester


Remove Ads

Ads

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

Similar Threads

  1. Replies: 0
    Last Post: 06-13-2012, 05:08 PM
  2. Replies: 2
    Last Post: 04-14-2012, 12:49 PM
  3. Apple issues second OS X Java update this week
    By sparkyscott21 in forum Apple News
    Replies: 0
    Last Post: 04-07-2012, 04:19 PM
  4. Replies: 0
    Last Post: 04-05-2012, 12:00 PM
  5. How to Install & Run Ubuntu Linux in VirtualBox
    By sparkyscott21 in forum Mac and Windows
    Replies: 0
    Last Post: 03-27-2012, 04:22 PM

Contact Us
Back to top