Search My Blog

Thursday, July 12, 2012

Cross-platform Trojan checks your OS, Attacks Windows, Mac, Linux - ZDNet

Cross-platform Trojan checks your OS: Attacks Windows, Mac, Linux

Summary: A new cross-platform Trojan downloader has been discovered. It detects if you're running Windows, Mac OS X, or Linux, and then downloads the corresponding malware for your platform.

Remember the cross-platform malware that exploited Java to attack both PCs and Macs? Well here's a better one for you: a Trojan downloader that checks your operating system so it can pick which malware to download onto your computer.

The new Web-based social engineering attack, first detected on a compromised website in Colombia, relies on a malicious Java applet to install backdoors on Windows, Mac, and Linux computers. When you first visit such a compromised site, you are prompted to install the Java applet, which unsurprisingly hasn't been signed with a certificate. If you do so, the applet checks which operating system you have (Windows, Mac OS X, or Linux) and then drops a corresponding Trojan for your platform.

F-Secure, which first found the Web exploit, detects the initial malware as Trojan-Downloader:Java/GetShell.A. The respective payloads for Windows, Mac, and Linux are detected as follows: Backdoor:W32/GetShell.A, Backdoor:OSX/GetShell.A (PowerPC binary, requires Rosetta on an Intel-based platform), and Backdoor:Linux/GetShell.A.


Well, We (Linux Users), knew that these Days were coming. Still, using Common Sense. Not Installing Anything that a Web Site Wants to Install on your System, looks like will keep us safe from this one. And I would think, that if you run an OS, like Fedora Linux, which uses SELinux Security Software. Then, even if you slip up and start to install one of these Trojan containing Java Apps. Then you should get a warning from SELinux and have a chance to Stop it there. I do worry about the type of Trojans, RootKits, etc... that can install them selves without any User Participation though. So, I have always kept Anti Virus Software on my Linux OS's. Since 2005. And Scan my Systems and all files that I receive from Friends via E-Mails. I use KlamAV the Gui Version of ClamAV for Linux and on Windows too. I also like Avast Anti Virus for Windows too. Avast, does have a Linux version. But, the last time I used it (a year of so ago), it was buggy and Crashed in my Fedora Linux Systems. So, I stick with KlamAV now...


See also:

Related Stories

No comments: