Posted by: David Harley | October 27, 2010

Mac Trojan spreads through Facebook (etc.)

SecureMac has reported a new Mac Trojan it calls trojan.osx.boonana.a spreading through social networking sites (Facebook is mentioned by name), passing itself off as a video and using the well-worn “Is this you in this video?” social engineering hook so familiar to connoisseurs of Windows malware. And in fact, this threat is also associated with specific Windows malware. 

The description suggests a Trojan downloader (a Java applet) that leads to the running of an installer that modifies system files so that an outside attacker doesn’t need passwords to access the system, and checks a C&C server (standard botnet stuff) periodically. Apparently it’s also being spammed out through email.

More information at Mac World have also referenced the SecureMac posting at

While this threat can be mitigated by turning off Java in your browser (SecureMac give instructions for turning it off in Safari), even better protection is afforded by staying alert for blatant social engineering. 😉


Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.


%d bloggers like this: