New variant of cross-platform Boonana malware discovered

Graham Cluley
@gcluley

Last week we spoke about the Boonana cross-platform malware, using a malicious Java applet to deliver a cross-platform attack that attempts to download further malware to computers running Windows, Unix and Mac OS X.

Since then some we have seen variants of the original Boonana attack. The samples we have seen have been functionally the same, with the hackers behind them seemingly having obfuscated their code to try and waltz around detection.

Their attempts haven’t been good enough to get past Sophos’s products so far (including our new free anti-virus for Mac home users), and we haven’t had to update our generic detection method.

In the samples we have analysed to date, the attack specifically targets Windows and Mac OS X systems, and just happens to infect other platforms that run Java. Depending upon the flavour of Unix, it doesn’t…

Read more in my article on the Naked Security website.

Found this article interesting? Follow Graham Cluley on Twitter to read more of the exclusive content we post.


Graham Cluley is a veteran of the anti-virus industry having worked for a number of security companies since the early 1990s when he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows. Now an independent security analyst, he regularly makes media appearances and is an international public speaker on the topic of computer security, hackers, and online privacy. Follow him on Twitter at @gcluley, or drop him an email.

What do you think? Leave a comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.