A new Java backdoor trojan called Java/Jacksbot.A has been discovered that has partial multiplatform support, according to Intego (www.intego.com), which makes security software. It’s fully functional on Windows, and partially functional on OS X and Linux.
Intego says the trojan is currently considered low risk as it’s not known to have infected users, and it doesn’t run without root permissions. Jacksbot has the usual backdoor functionality, including the following capabilities: gathering system information; taking screenshots; performing denial of service attacks; deleting files
stealing passwords (including specifically Minecraft passwords); and visiting remote URLs, likely to perform Clickfraud.
“It appears likely that this trojan is intended to be dropped by another component that has not yet been identified,” says Intego. “The present component will exit with an error message if the Java archive is not run with root permissions. There is also no functionality to trick the user into running the file. We will post additional information about the threat as more is discovered.”
The company says its Intego VirusBarrier users with up-to-date virus definitions are protected from this threat, which is detected as Java/Jacksbot.A.