Multiplatform Jacksbot Trojan Now Spreading Infection
Around mid-October 2012, Intego the company, which specializes in Mac security programs, declared finding one fresh Trojan that infected across platforms, and named it Jacksbot. During that point-of-time, albeit Intego described it as one kind of Trojan, the company didn't actually see it spreading. It also didn't know the way the Trojan got installed onto any computer. But, recently Trend Micro posted that it had discovered Jacksbot infecting a few computers.
The Trojan, being one type of Java software, attacks not merely computers running Windows OS, however, it infects those running Linux, Mac or other operating systems too, which work well with JRE (Java Runtime Environment).
Among the functions of the Jacksbot malicious software, one is to embezzle Minecraft passwords. Minecraft is an online video game of sandbox indie kind played through computers. The said function makes Trend Micro feel that Jacksbot may even take the form of a tool that modifies Minecraft. This, a RAT (Remote Access Trojan), is capable of gaining hold over the affected PC using a few backdoor commands from amongst the following: DeleteFile, Corrupt, Chat, KillProcess, GetScreen, GetFile, Restart, ListProcess ListFiles, VisitURL, TakeFile and/or Shutdown.
Specifically, Threat Response Engineer Johanne Demetria at Trend Micro explains that the Jacksbot probably reveals itself like one Minecraft amendment while infecting innocent end-users since it issues one special command which unfolds something like 'Minecarft to seize MC passwords out of the hijacked computer.' Softpedia.com published this dated October 31, 2012.
Demetria further explains that it can well be okay to regard Jacksbot as a RAT since it has the ability to get hold over computers and let the Trojan-controller to carry out different "backdoor commands."
And though Jacksbot is effective on all OSs, which support JRE, Trend Micro, based on analysis, indicates that the Trojan targets chiefly Windows. It's possible the malware authors are simply experimenting for one effectual multiplatform malware; but as of present they don't seem to have any plans.
Moreover, Trend Micro has merely spotted 2 infections hitherto in Malaysia and Australia respectively, but since the malware writers are experimenting the multiplatform way, it simply indicates they're aiming till the last.
Related article: Multiple Flaws Identified in Linux Kernel 2.6
» SPAMfighter News - 10-11-2012