
Free Removal Tool For Boonana Trojan

SecureMac : 01 November, 2010  (New Product)
Mac users suffering from the Boonana Trojan, which is spread through social networking sites, can receive a free removal tool from SecureMac.

On October 26th, 2010, SecureMac broke the news of the Boonana Trojan Horse (trojan.osx.boonana.a), a piece of cross-platform malware that spreads via social networking sites and affects Mac OS X.

On October 28th, the team at SecureMac released an initial analysis of the Boonana Trojan Horse and created a free removal tool, as well as instructions for administrators to remove the malware manually from affected machines. All of the information, including the analysis of the malware, is available at the Boonana Trojan Horse security bulletin page.


The initial infection vector of the Boonana Trojan is a message on social networking sites, similar to 'Is this you in this video?', which includes a link to an external site. Upon clicking the link, a Java applet will attempt to load in the user's web browser.

During our testing, the malicious Java applet communicated with a Command & Control server, and presented an installer window at a random time after accessing the malicious site. This installer did not indicate that it had been downloaded from the web, which indicates it is avoiding the quarantine flag typically set by programs such as Safari....


Threat level discussed: Due to the fact that the Command and Control servers for the malware are still active, gathering information such as IP addresses (most likely for control purposes), as well as the modification of the sudoers file to allow passwordless access, we maintain a threat level rating of critical for trojan.osx.boonana.a. In many cases, especially with botnets, the malware might not initially exhibit malicious behaviour, but can become active at any time as the command and control servers are updated.
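
The sudoers change mentioned above can be checked for with a read-only audit. The script below is an added example, not SecureMac's removal tool or anything from the bulletin; the page does not say which entry the Trojan writes, so it looks for the general sudoers mechanisms that remove the password prompt (`NOPASSWD:` and `Defaults ... !authenticate`). The function names and the sample file are constructed for illustration.

```shell
#!/usr/bin/env bash
# Added example: list sudoers rules that grant passwordless sudo.
# Usage: audit_sudoers /etc/sudoers   (or pipe a copy of the file on stdin)

audit_sudoers() {
    # Prints "LINE_NO: rule" for each active rule that removes the password prompt.
    # Simplified reading of sudoers syntax: files pulled in via #include and
    # #includedir are not followed and must be audited separately.
    awk '
        {
            if (!cont) { start = NR; buf = "" }   # first line of a logical rule
            line = $0
            # A trailing backslash continues the rule on the next line.
            if (line ~ /\\$/) { sub(/\\$/, "", line); buf = buf line; cont = 1; next }
            rule = buf line; cont = 0
            if (rule ~ /^[ \t]*$/) next
            # "#" starts a comment, except "#<digits>", which names a user by uid.
            if (rule ~ /^[ \t]*#/ && rule !~ /^[ \t]*#[0-9]/) next
            if (rule ~ /NOPASSWD[ \t]*:/ ||
                rule ~ /^[ \t]*Defaults.*![ \t]*authenticate/)
                printf "%d: %s\n", start, rule
        }
    ' "$@"
}

sample_sudoers() {
    # Constructed sample, not taken from an infected machine.
    cat <<'EOF'
# constructed sudoers sample
Defaults env_reset
root ALL=(ALL) ALL
%admin ALL=(ALL) ALL
# alice ALL=(ALL) NOPASSWD: ALL
alice ALL=(ALL) \
    NOPASSWD: ALL
#501 ALL=(ALL) NOPASSWD: ALL
Defaults:bob !authenticate
EOF
}

# Demo run on the constructed sample: reports the rules starting at lines 6, 8 and 9.
sample_sudoers | audit_sudoers
```

Any rule this reports on a real machine should be compared against what the administrator intentionally configured.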