Bad news for Mac users -- a cross-platform Trojan that can infect the OS is currently being tracked, masquerading as a video. Boonana, official designation 'trojan.osx.boonana.a,' or 'OSX/Koobface.A' depending on who you want to go with, is being spread across Facebook and other social networks with the old 'Is this you in this video?' ploy. Appearing on people's Facebook pages, the link launches a Java applet that then downloads and runs an installer for the Trojan.
While it's not news that there's another Trojan on the loose for Windows, not much in the way of malware can infect Apple's often touted as secure, desktop operating system or Linux. Of course to actually install the Trojan on OS X, users will have to enter their password to authorize the installer, something that you should never do if you haven't run something intentionally yourself. As with all social engineering like this, users could blindly enter their password, thinking it's for a video. Once on the machine, Boonana runs in the background, reporting back system information and trying to spread itself via the unfortunate user's email account.
It's an interesting and rather worrying precedent to set, with cross-platform infection using Java. Apple's recently taken the decision to stop pre-installing Java with OSX due to security concerns over out-dated versions. But let's hope that this kind of thing doesn't become the norm, and for the meantime at least, be careful what you click on and trust, even if you're a Mac or Linux user.
[Via CNet]
Tags: boonana, java, koobface, Mac OS X, MacOsX, malware, OS X, OsX, trojan, virus
