SecureMac has discovered a new Trojan that affects all Mac OS X versions even the 10.7 Lion and it is being distributed through email and social networks like Facebook, posing as a video linked from a message with the title “Is this you in this video?”.
When a user clicks on the link, the Trojan is executed by a Java applet that downloads files to your computer, including an installer that is automatically launched and asks for your password. After typing in your password, a malicious person somewhere in another continent may have an easy access to your accounts.
The Trojan runs in the background and completely invisible, so each time you start your computer, it sends spam messages through the user’s contact list. It may affect all popular platforms, such as Windows, Linux and Mac OS X and it seems to be a variation of a malware originating from the Microsoft environment.
This is a sobering reminder that hackers are stepping up their efforts to compromise Mac OS X security as Apple increases its market share. Users should be careful to protect their computer and take precautions while surfing the web.
Fortunately, some experts believe that it is not a threat that poses critical risk due to, at least temporarily, limited distribution and some design flaws that prevent the Trojan to work properly in all situations. For example, although the Trojan can theoretically infect a Mac OX computer, some security specialists have not been able to get it running on a computer with Mac OS X 10.6, due to an installer that ask for our Administrator password, which prevent the Trojan to affect us without noticing.
SecureMac has released a free tool which can protect computer users from this Trojan and remove it from the system in case of infection. Furthermore, to avoid any infection through Safari, you can always disable the Java plugin (not JavaScript) in your browser preferences, thus negating any possibility of running the trojan.
Many international users are luckier as many Trojans of this type come by default in English, giving them a first clue to suspect any message they receive is not from a friend if they regularly use non-english languages.