|03 Nov 2012||#1|
| || |
Jacksbot Java malware can take control of Windows, Mac, and Linux
Two weeks ago, Mac security software company Intego discovered malware which it classified as “a new Java backdoor trojan called Java/Jacksbot.A.” New threats are discovered all the time, but Intego later concluded that even though Jacksbot is a variant of the Java remote access tool (RAT) created by the jailbreaking group Redpois0n, it can target multiple platforms.
New Multiplatform Backdoor Jacksbot Discovered
A new Java backdoor trojan called Java/Jacksbot.A has been discovered that has partial multiplatform support. It is fully functional on Windows, and partially functional on OS X and Linux. This trojan is currently considered low risk as it is not known to have infected users, and it does not run without root permissions. Jacksbot has the usual backdoor functionality, including the following capabilities:
gathering system information
performing denial of service attacks
stealing passwords (including specifically Minecraft passwords)
visiting remote URLs, likely to perform Clickfraud
JACKSBOT Has Some Dirty Tricks up Its Sleeves
Contrary to initial reports, JACKSBOT may not be as low risk as initially thought. We noted some JACKSBOT infection in the wild, indicating that the people behind this multiplatform malware are saving their best tricks for last.
We analyzed the JACKSBOT backdoor family (specific detection name JAVA_JACKSBOT.A) that arrives as a Java application. Because it is a Java application, it can run on any platform that supports the Java Runtime Environment. When it was first reported, it was considered low risk and no actual infection was recorded. However, days after the report was released, Trend Micro successfully cleaned two infection counts; one in Australia and one in Malaysia. This indicates that the malware is now being distributed in the wild.
There is a possibility that this malware presents itself as a Minecraft modification to unsuspecting users as it contains the special command “MC” for stealing Minecraft passwords from the compromised system.
|My System Specs|
|Similar help and support threads for2: Jacksbot Java malware can take control of Windows, Mac, and Linux|
|Linux/Cdorked Malware Attacking Some of the World’s Top Web Servers||Security News|
|Repetitive Java Malware/virus||General Discussion|
|Where is the Java Update tab in the Java Control Panel?||Software|
|Microsoft: Windows, Mac malware gets in via Adobe, Java, Office||Security News|
|Multi-platform backdoor malware targets Windows, Mac and Linux users||Security News|
|Linux repository hit by malware attack||Chillout Room|
|Linux users -- Browsers / Malware still EASILY possible||System Security|