Uses rare cross-platform attack method

A new piece of malware is targeting Mac, Windows, and Linux users all at the same time, note security firms F-Secure and Sophos. The code pretends to be a needed add-on; in reality victims are opening up a Java Archive file, which then detects the platform a person is using before connecting to a remote server to fetch additional code, creating a back door for hackers. The Mac version of the malware is identified by F-Secure as "Backdoor:OSX/GetShell.A."

Fully updated Macs should be immune to the attack, since the OS X code is actually a PowerPC binary. OS X Lion doesn't support Rosetta, the software needed for backwards compatibility with PowerPC applications. Even with OS X Snow Leopard, Rosetta is only an optional upgrade.

It's rare for malware to target several platforms simultaneously. Most hackers tend to concentrate on either OS X or Windows, and usually the latter. Although Macs are increasing in popularity, Windows users continue to represent a much larger target and therefore a more logical direction for the time and effort involved.


By Electronista Staff