A Mac version of the infamous Koobface worm has been discovered for the first time.
The malware propagates via social networks like Facebook and Twitter, and once installed via a Trojan horse, it implants a rootkit, a backdoor as well as a command and control centre.
Intego's Virus Monitoring Centre had been tracking the Mac version of the worm but did not feel compelled to issue a release about it given the low risk it posed.
The security firm has discovered a number of infections in the wild, although they have not caused any noticeable damage.
"Either the malicious malware has bugs preventing it from running correctly, or the servers it contacts are not active or are not serving the correct files," Intego said.
"While this is an especially malicious piece of malware, the current Mac OS X implementation is flawed and the threat is therefore low."
Koobface attackers use social engineering tricks to get users to click on a link, which will direct the target to a malicious website that will then try to load a Java applet.
This will bring up a standard Mac OS X Java security alert and if the user clicks Allow' the applet will run and try to download files from one or more remote servers.
"If files are downloaded, they are stored in an invisible folder (.jnana) in the current user's home folder," Intego explained.
"These files include elements designed to infect Mac OS X, Windows and Linux. The Java applet should also download an installer that will then launch and attempt to install the malware."
Koobface was first spotted in 2008, using subject headers such as "You look just awesome in this new movie," to lure users in.
Earlier this year, it emerged Koobface attackers were tracking the success of their fake YouTube pages.
-
Latest Meta GDPR fine brings 12-month total to more than €1 billionNews Meta was issued with two hefty GDPR fines for “forcing” users to consent to data processing
-
"Unacceptable" data scraping lands Meta a £228m data protection fineNews The much-awaited decision follows the scraping of half a billion users' data and received unanimous approval from EU regulators
-
Meta notifies around 1 million Facebook users of potential compromise through malicious appsNews The vast majority of apps targeting iOS users appeared to be genuine apps for managing business functions such as advertising and analytics
-
Twitter API keys found leaked in over 3,200 apps, raising concerns for linked accountsNews Business and verified Twitter accounts linked to affected apps are at risk of takeover, use in malicious campaigns
-
Facebook business accounts hijacked by infostealer malware campaignNews Threat actors are using LinkedIn phishing to seize business, ad accounts for financial gain
-
Meta begins encrypting Facebook URLs, nullifying tracking countermeasures
News The move has made URL stripping impossible but will improve analytics
-
Meta hit with €17 million fine over multiple GDPR breachesNews The social media giant set aside over €1 billion in November to help it cope with potential fines arising from data protection investigations
-
Meta says Apple's iOS privacy changes will cost it $10 billion in 2022News The company's CFO suggests Google "faces a different set of restrictions" because it pays Apple to remain the default iOS search engine
