New variant of cross-platform Boonana malware discovered

November 5, 2010 by  
Filed under Security News


Views 94 views  
FaceBook Logo FB Comments
Comments 1 Comment

10400120c9d626af11f3933a7a7b0e05 New variant of cross platform Boonana malware discovered

Last week we spoke about the Boonana cross-platform malware, using a malicious Java applet to deliver a cross-platform attack that attempts to download further malware to computers running Windows, Unix and Mac OS X.

 

Since then some we have seen variants of the original Boonana attack. The samples we have seen have been functionally the same, with the hackers behind them seemingly having obfuscated their code to try and waltz around detection.

 

Their attempts haven’t been good enough to get past Sophos’s products so far (including our new free anti-virus for Mac home users), and we haven’t had to update our generic detection method.

 

In the samples we have analysed to date, the attack specifically targets Windows and Mac OS X systems, and just happens to infect other platforms that run Java. Depending upon the flavour of Unix, it doesn’t usually complete its ‘life cycle’ if you’re not running Windows or Mac OS X systems.

 

Of course, we will update our detection of Troj/Boonana should we see new variants that require it.

 

In the meantime, watch this video I made last week demonstrating the original version of this attack on Windows, Mac OS X and Ubuntu:

 

By Graham Cluleynakedsecurity.sophos.com



FaceBook Comments



Comments

One Response to “New variant of cross-platform Boonana malware discovered”
  1. informative article mate :)
    Sophos Anti-Virus detects it successfully :) SAY NO TO MALWARE :D

Speak Your Mind

Tell us what you're thinking...
and oh, if you want a pic to show with your comment, go get a gravatar!