Intego Discovers Fresh Java Exploiting Malware
Researchers from Intego the security company state that they discovered one fresh malware that seemingly abuses security flaws in Java. Given the name, 'Tibet.A' this malicious threat abuses a flaw which's repaired within updated Macs, however, that's obtainable when end-users do not run system updates.
To work, Tibet.A first pulls down one Java applet from the Internet, after Web-surfers are made to access one booby-trapped site. In case Java is not made up-to-date within the Mac machine; Tibet.A plants a backdoor via a method that's getting more-and-more popular. This enables the malware to copy credit card details, usernames and passwords of the infected end-user and then transmit all of them onto remote servers. Importantly, the sites delivering Tibet.A examine for determining the infected PC's type i.e. whether it's a Windows or Mac computer following which they deliver a suitable Tibet variant.
Meanwhile, Web-surfers, who become enticed towards visiting the contaminated sites, are initially sent e-mails, which carry web-links pointing to the same. Within the current instance, these e-mails, observably, target NGOs in Tibet, while the assault is possibly devised for acquiring data solely from the said non-governmental organizations.
It may be interesting to note that the Tibet.A is one lone inclusion into the malware classification of only a few members, which have presently got created specifically for OS X. The classification, comprising fewer than 70 strains, represents one tiny numbered group against the millions that get created per annum, suiting Windows computers. Besides, Tibet.A along with the huge familiar malware programs that mostly target OS X are threats developed as Trojan horses, which don't proliferate uncontrollably in an automatic fashion rather are based on duping the end-user, with say spam mails (like within the current case), into loading them.
However, for remaining safe from this malicious program, it's advisable that Internauts routinely update their computers. Further, they must disable functionalities like Flash plug-ins, Java or likewise when not utilized frequently. This can be done, in the case of Safari, via going to its 'Security Preferences' and then clicking on "Enable Java" that'll do the opposite i.e. disable Java, Intego's researchers recommend.
Related article: Indictment On Two Ohio Men For Selling Porn DVDs
» SPAMfighter News - 03-04-2012