SecureMac has released an initial analysis of the Boonana Trojan Horse and has created a free removal tool, as well as administrative instructions for manually removing the malware from affected machines. All of this information, including the malware analysis, is available on the Boonana Trojan Horse security bulletin page.
The initial infection vector of the Boonana trojan is a message on social networking sites, along the lines of "Is this you in this video?", that includes a link to an external site. Upon clicking the link, a Java applet attempts to load in the user's web browser.
During our testing, the malicious Java applet communicated with a Command & Control server and presented an installer window at a random time after accessing the malicious site. This installer did not indicate that it had been downloaded from the web, which indicates it is avoiding the quarantine flag typically set by programs such as Safari ...
On the threat level: Because the Command and Control servers for the malware are still active, because it gathers information such as IP addresses (most likely for control purposes), and because it modifies the sudoers file to allow passwordless access, we maintain a threat level rating of critical for trojan.osx.boonana.a. In many cases, especially with botnets, the malware might not initially exhibit malicious behavior, but it can become active at any time as the command and control servers are updated. Detailed procedures and instructions are also listed in the report.
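Two of the indicators above, a sudoers file edited to grant passwordless access and a downloaded installer carrying no quarantine flag, can be checked from a Terminal. The script below is an added example for administrators, not SecureMac's removal tool or anything from the bulletin: the bulletin does not say what line Boonana writes to sudoers, so the script flags every uncommented NOPASSWD grant (plus any include directives pointing at drop-in files) and leaves the judgement to the admin. It assumes the standard macOS locations `/etc/sudoers` and `/etc/sudoers.d` and the macOS `xattr` tool for the quarantine check; the sample sudoers content at the bottom is constructed for the demo and is not a captured infection.

```shell
#!/bin/sh
# Added example, not SecureMac's tool: audit sudoers for passwordless sudo
# grants and check whether a downloaded file still carries the quarantine flag.

# list_nopasswd_rules FILE
#   Print "FILE:LINE: rule" for every non-comment line containing NOPASSWD.
#   '#include'/'#includedir' (or '@include'/'@includedir') directives are
#   reported as "directive:" so the admin can follow them to drop-in files.
#   Comment lines are skipped, so NOPASSWD inside a comment is not flagged.
list_nopasswd_rules() {
    awk -v f="$1" '
        /^[[:space:]]*[#@]include(dir)?[[:space:]]/ { print f ":" NR ": directive: " $0; next }
        /^[[:space:]]*#/ { next }
        /NOPASSWD/ { print f ":" NR ": " $0 }
    ' "$1"
}

# count_nopasswd_rules FILE -> number of non-comment NOPASSWD lines (always exits 0)
count_nopasswd_rules() {
    awk '
        /^[[:space:]]*#/ { next }
        /NOPASSWD/ { n++ }
        END { print n + 0 }
    ' "$1"
}

# audit_sudoers PATH...
#   Files are audited directly; directories (e.g. /etc/sudoers.d) are walked.
#   Returns 1 if any NOPASSWD rule was found, 0 otherwise, so it can drive cron alerts.
audit_sudoers() {
    found=0
    for p in "$@"; do
        if [ -d "$p" ]; then
            for f in "$p"/*; do
                [ -f "$f" ] || continue
                list_nopasswd_rules "$f"
                [ "$(count_nopasswd_rules "$f")" -gt 0 ] && found=1
            done
        elif [ -f "$p" ]; then
            list_nopasswd_rules "$p"
            [ "$(count_nopasswd_rules "$p")" -gt 0 ] && found=1
        fi
    done
    return $found
}

# has_quarantine_flag FILE -> 0 if com.apple.quarantine is set, 1 otherwise.
#   Assumes macOS xattr; elsewhere the command is missing and the result is 1.
#   A downloaded installer that returns 1 here matches the bulletin's observation
#   that Boonana's installer arrived without the quarantine flag.
has_quarantine_flag() {
    xattr -p com.apple.quarantine "$1" >/dev/null 2>&1
}

# Demo on constructed data (not a real infected system): a clean base file whose
# only NOPASSWD text is in a comment, plus a drop-in granting passwordless sudo.
# On a real machine run:  audit_sudoers /etc/sudoers /etc/sudoers.d
demo_dir=$(mktemp -d)
cat > "$demo_dir/sudoers" <<'EOF'
# sudoers file (constructed sample).
Defaults env_reset
root ALL = (ALL) ALL
%admin ALL = (ALL) ALL
# a NOPASSWD mention in a comment must not be flagged
#includedir /private/etc/sudoers.d
EOF
mkdir "$demo_dir/sudoers.d"
printf 'alice ALL = (ALL) NOPASSWD: ALL\n' > "$demo_dir/sudoers.d/50-sample"

if audit_sudoers "$demo_dir/sudoers" "$demo_dir/sudoers.d"; then
    echo "no passwordless sudo rules found"
else
    echo "WARNING: passwordless sudo rule(s) found, review the lines above"
fi
rm -rf "$demo_dir"
```

Run it as root so `/etc/sudoers` and the drop-in directory are readable; a NOPASSWD grant to an ordinary user that the admin did not create is exactly the kind of change the bulletin warns about, and a freshly downloaded installer for which `has_quarantine_flag` returns 1 deserves the same suspicion.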
Comments (1)
Me - October 31, 2010 at 10:22pm
MS needs to push updates frequently to constantly patch their mess of an O.S. unlike.....