Thursday, April 27, 2017
Home / Malware / Mac and Windows Targeted by Same Malware

Mac and Windows Targeted by Same Malware

Symantec has reported the finding of a new strain of malware that is targeting both Mac and Windows, after OSX.Flashback was patched by Apple which infected over 600,000+ computers report by Symantec:

Threat Assessment

Wild Level: Low
Number of Infections: 0 – 49
Number of Sites: 0 – 2
Geographical Distribution: Low
Threat Containment: Easy
Removal: Easy
Damage Level: Medium
Releases Confidential Info: Gathers information from the computer.
Distribution Level: Low

This new strain checks what OS the victim is running and then attempts to exploit the system using   Oracle Java SE Remote Java Runtime Environment Code Execution Vulnerability (CVE-2012-0507) and then downloads the correct malware onto the computer.

The code that is embeded into the webpage that checks what OS the victim is running:

 

Many believe we will see a lot more of this in the future, as the Mac user base grows, eventually it might even reach a point where all malware will be able to run on linux, mac and pcs.

About FastFlux

Owner of ZeroSecurity, interested in programming, malware analysis and penetration testing. If you would like to write for the ZeroSecurity team, please use the contact form above.

Check Also

New FastPOS malware targeting Point-of-Sale systems

Experts have disclosed a new category of malware, labeled “FastPOS,” that has the ability to quickly …