By Greg Mills
There have been reports of a trojan attack on the Mac OS X. While not a reason to panic, a “trojan horse” bit of malware has been making the rounds. The malware is called a trojan because it appeals to our vanity somehow and gets us to accept something with a hurtful thing inside.
It runs a Java applet and is cross platform so Windows users are also vulnerable. The next Mac OS X security update will likely protect you, but for now just don’t download the bait.
The epic story of the Trojan Horse is from ancient times where a walled city had been under attack for a long time and the invaders failed to breech the walls. Rather than give up, the invaders built a large wooden horse with a space inside to hide some soldiers. The invaders rolled the horse up to the city gates and then left the area to make it appear they had given up.
The Trojans rejoiced that they had won and hauled the horse inside the walls, considering it a tribute to their victory. In the middle of the night the hidden soldiers exited the hollow horse and opened the city gates to their army for a sneak attack that turned the retreat into victory.
The reason such an attack as the Boonana Trojan Horse is named after the ancient victory is that your computer has firewalls and password protection built in that protects you from your computer being taken over by someone else remotely. When you open the protective city gates and allow something to be download over the Internet, you ought to be darn sure it is not malware. The popup message, “XXXXX xxxx is an application downloaded from the Internet. Are you sure you want to open it?” should make you think twice. Not everyone in cyberspace is nice. Download things from reputable sites and even then be wary.
This particular malware is spreading over the social network sites and poses as a message from someone you don’t know or even someone you do know. It asks the question “Is this you, in this video?” The links to the malware uses questions that are likely to draw the gullible into clicking the link.
When your computer loads the site, a Java applet is loaded that isn’t a video. It is a Trojan Horse virus designed to take over your computer remotely and steal your contact email addresses. Then it send messages to all your friends asking them “Is this you, in this video?” This way the virus is spread far and wide. The virus then “phones home” to tell some hacker somewhere that your computer is now available to them for who-knows-what.
If you recall seeing the “Is this you, in this video?” message lately and you clicked on the link and strange things happened but no video of you was at the link, you may have been infected. There is a free fix available from SecureMac.com.
Go to http://macscan.securemac.com/files/BTRT.dmg . That link is safe to use, follow the instructions and be careful in the future. You might also advise your contact list that any message that appears to be from you regarding a video with then in it should not be opened.
This vulnerability is Java based so the Mac OS X operating system is not the problem. Java may be done away with as was Flash, which Apple has taken a lot of heat over. The Mac is not invulnerable to attacks of malware, so don’t just glibly think you can open anything and not have a problem. We are much more fortunate than the Windows victims as the old saying goes, “open a Window and bugs, viruses, worms and Trojan horses are bound to come in.
That’s Greg’s bite for today.
(Greg Mills, is a Faux Artist in Kansas City. Formerly a new product R&D man for the paint sundry market, he holds 11 US patents. He’s working on a solar energy startup, www.CottageIndustrySolar.com using a patent pending process of turning waste dual pane glass into thermal solar panels used to heat water. Greg writes for intellectual web sites and Mac related issues. See Greg’s art web site at www.gregmills.info ; His email is gregmills@mac.com )