A little more news/speculation about OSX/Koobface.A and/or trojan.osx.boonana.a: while I still haven’t seen any samples myself, one researcher for another company has expressed some doubt as to whether these are the same malware. However, John E. Dunn is clearly assuming that it is in an article at TechWorld.
And while I was looking for the references that @stevejoblard mentioned from Apple support forums, I found a couple of resources maintained by Thomas Reed.
- Thomas’ Corner Guide to Macintosh Viruses: http://www.reedcorner.net/thomas/guides/macvirus/
- Thomas’ Corner Macintosh Malware Catalog: http://www.reedcorner.net/thomas/guides/macvirus/malware_catalog.shtml
I’ve only skimmed, but while I disagree with a lot that he says, and will take up a few minor inaccuracies with him when I have time, there is room for disagreement in this area. Given that there’s so little information on Mac malware available in general, you might find this a useful resource.
David Harley CITP FBCS CISSP
Mac Virus Administrator
Small Blue-Green World
This is true, there is so little information available on Mac malware that the Koobface is still a bit of a mystery.
We do however know that it does NOT act as a drive-by download, so if you get asked to download a Java Application, do NOT click ‘allow’ or ‘download’.
Thanks for reading, have a nice day!
Alex
By: Alex on October 28, 2010
at 19:51