Skip to main content

Multiple operating systems targeted by newly detected malware

In the wake of DNSChanger, security analysts at F-Secure have discovered a new security threat that targets computer users on multiple operating systems.

In a blog post, F-Secure senior analyst Karmina Aquino said F-Secure "recently came across a compromised Colombian Transport website where the malware author utilizes social engineering by displaying a signed applet upon visiting the page."

Analysts found that the Java Archive (JAR) file "checks if the user's machine is running in Windows, Mac or Linux then downloads the appropriate files for the platform."

Regardless of the operating system, meanwhile, all three files "behave the same way," F-Secure said.

Mac users might not have to worry too much, though. The malware won't run on any Intel-based Macs unless they have Rosetta, a Mac OS X component that dynamically translates most code written for IBM's PowerPC processor and lets it run on Intel chips.

Rosetta was included with OS X Leopard and was optional with Snow Leopard, but Apple dropped it from Lion. As a result, this malware won't affect Macs with Lion or Snow Leopard unless users have added Rosetta.

As PCMag analyst Fahmida Rashid noted, there has been malware targeting multiple operating systems in the past, but the key point here is that it's crude and easily detected.

Mac OS X malware has made headlines recently, particularly the Flashback Trojan. It was particularly noteworthy because Apple has long touted the security of its operating system as compared to Windows. But reports of increased security vulnerabilities on Macs are probably more a function of its growing popularity than decreased safety. Still, Apple recently removed from its website the claim that its Mac operating system is not susceptible to PC viruses.

New reports suggest that threats for non-Windows machines, including mobile devices, are on the rise.