JMH
Emeritus, Contributor
- Apr 2, 2012
Researchers at F-Secure have uncovered a new exploit that attempts to install a backdoor malware program on Windows, Linux, and OS X machines. As with other malware, this uses social engineering approaches to try tricking users, but in addition it runs a check to see what operating system the user is running and then issues a malware installer for that platform.
The attack was found on a Colombian transport Web site, where once visited, a Java applet would run using a self-signed certificate. On all platforms this certificate will flag a warning that notifies the user it is not from an authorized signing agency, but if the user continues to execute the Java applet then it will download a binary for the respective platform, which will connect to a server and download additional components of the attack, using TCP ports 8080 for OS X, 8081 for Linux, and 8082 for Windows.
http://reviews.cnet.com/8301-13727_...?part=rss&tag=feed&subj=News-Security&Privacy