Last week we spoke about the Boonana cross-platform malware, using a malicious Java applet to deliver a cross-platform attack that attempts to download further malware to computers running Windows, Unix and Mac OS X.
Since then some we have seen variants of the original Boonana attack. The samples we have seen have been functionally the same, with the hackers behind them seemingly having obfuscated their code to try and waltz around detection.
Their attempts haven’t been good enough to get past Sophos’s products so far (including our new free anti-virus for Mac home users), and we haven’t had to update our generic detection method.
In the samples we have analysed to date, the attack specifically targets Windows and Mac OS X systems, and just happens to infect other platforms that run Java. Depending upon the flavour of Unix, it doesn’t…
Read more in my article on the Naked Security website.