Koobface exploit for Macs circulating in the wild

By on
Koobface exploit for Macs circulating in the wild

Spreads by way of a malicious Java applet.

Security firm Intego has issued an alert announcing that its research team has discovered a Mac version of the notorious Koobface worm, known to propagate on social networking sites

In the past, machines compromised by Koobface have been hit with a potent trojan cocktail that can block access to security websites, change DNS settings, install rogue anti-virus software and steal passwords.

In the case of Mac version of Koobface, the worm spreads by way of a malicious Java applet, according to a security memo from Intego.

Users are prompted to click on links appearing on popular social media sites such as Facebook, MySpace and Twitter – usually under the guise of a video – which leads them to a malicious website that attempts to load the applet.

"Users can deny or allow the applet access to their computers," the memo said. "If they click 'Deny', the applet will not run, and no infection will occur. If they click 'Allow', however, the applet will run and will attempt to download files from one or more remote servers." 

Intego, though, rated the threat as low-risk.

"While Intego has evidence of several infections in the wild, we are not currently able to go beyond this step, as either the malicious malware has bugs preventing it from running correctly, or the servers it contacts are not active or are not serving the correct files," according to the memo.

Users are encouraged to avoid accepting questionable Java applets.

See original article on scmagazineus.com

Copyright © SC Magazine, US edition
Tags:
In Partnership With

Most Read Articles

Log In

Username / Email:
Password:
  |  Forgot your password?