Follow Us

We use cookies to provide you with a better experience. If you continue to use this site, we'll assume you're happy with this. Alternatively, click here to find out how to manage these cookies

hide cookie message

Boonana Mac Trojan was ‘not Koobface’, says Microsoft

Facebook 'Mac-PC-Linux' malware is new after all

Article comments

The widely-reported ‘Boonana’ Trojan was a new piece of malware after all and had nothing directly to do with Koobface, Microsoft and other security companies have reported a week after the event.

At the time, Mac security software company SecureMac reported Boonana as trojan.osx.boonana.a, later identified by Mac security specialist Intego and other companies as a variant of the Koobface worm that has been attacking Facebook users since 2008.

However, according to Microsoft, ESET and SecureMac, the similarity with Koobface doesn’t appear to stretch beyond its general tactics and the fact that it attacks using Facebook and other social media sites. At a code level, what Microsoft now identifies as  Trojan:Java/Boonana is a distinct piece of malware.

The main significance of Boonana could be that its Java design allows it to attack both Windows PCs and Apple Mac computers, and at least run on Linux, the first time such a design has been seen since the age of Macros viruses in the 1990s. Where the software hails from is unknown although one of its first actions on infecting computers is to try to contact a Russian FTP server.

The fact that Boonana is distinct family of malware rather than a variant matters in a small but important way. A new branch of malware capable of attacking across operating systems suggests a new direction in malware innovation. If Boonana was a simple variant it might count more as a one-off experiment.

Programming and platforms apart, Boonana’s use of Facebook often shows that social engineering skill is its real forte. Originally pushed with basic ‘watch this video’ lures, the malware has subsequently tried more sophisticated messages, including one based on an apparent suicide notice.

“As you are on my friends list I thought I would let you know I have decided to end my life. For reasons that will be clear please visit my video on this site. Thanks for being my friend,says one reported by ESET.  As with much contemporary malware, the platform is secondary in the mind of the creator. It is the user that is being attacked first and foremost.




Share:

More from Techworld

More relevant IT news

Comments



Send to a friend

Email this article to a friend or colleague:

PLEASE NOTE: Your name is used only to let the recipient know who sent the story, and in case of transmission error. Both your name and the recipient's name and address will not be used for any other purpose.

Techworld White Papers

Choose – and Choose Wisely – the Right MSP for Your SMB

End users need a technology partner that provides transparency, enables productivity, delivers...

Download Whitepaper

10 Effective Habits of Indispensable IT Departments

It’s no secret that responsibilities are growing while budgets continue to shrink. Download this...

Download Whitepaper

Gartner Magic Quadrant for Enterprise Information Archiving

Enterprise information archiving is contributing to organisational needs for e-discovery and...

Download Whitepaper

Advancing the state of virtualised backups

Dell Software’s vRanger is a veteran of the virtualisation specific backup market. It was the...

Download Whitepaper

Techworld UK - Technology - Business

Innovation, productivity, agility and profit

Watch this on demand webinar which explores IT innovation, managed print services and business agility.

Techworld Mobile Site

Access Techworld's content on the move

Get the latest news, product reviews and downloads on your mobile device with Techworld's mobile site.

Find out more...

From Wow to How : Making mobile and cloud work for you

On demand Biztech Briefing - Learn how to effectively deliver mobile work styles and cloud services together.

Watch now...

Site Map

* *