My 10/31/10 Missoulian column
There’s a new form of malware that is making the rounds of social networking sites called Koobface. It’s not new; Koobface (who thinks up these names, anyway?) has been infiltrating Windows PCs since 2008 via social networking sites.
But what’s different this time is the new form of Koobface is a Mac version that affects OS X.
Koobface was a big deal in 2008, when it ran wild on Facebook. Koobface spread fast because the malware authors enticed users (via their sense of curiosity and vanity) to click on a link with the line “Is this you in this video?”
Naturally, you might be interested if it really is you in the video, and what exactly you might be doing that you’d rather not everyone else on Facebook see.
If you clicked, you got Koobface, which installed backdoor controls on your PC, turning it into a remote controlled “zombie” that spreads more malware and spam to all your Facebook friends and e-mail contacts.
This new variant of Koobface can infect Macs because the malware is written in Java, which is a language that runs cross-platform. That means a program written in Java for Windows will also run on a Mac and under OS X.
This is a demonstration of a change of course for many malware authors. There has been a huge uptick in the number of attacks on Windows PCs via Java – Java is now the most common vector of malware – because of the ease of programming with Java, and the security holes in Java, too.
And now Macs are seeing an uptick in attacks via Java for the same reasons.
But it’s important to remember that you can’t get Mac Koobface very easily. First, you have to go to a website or click on an e-mailed link that leads to the site that has the malware.
And then you have to click to let Koobface install itself. Under OS X, Java-based applets must get your permission to run. And if you deny permission to an applet, you’re safe.
So if you’re on Facebook or you get an e-mailed link, and you get advisory that says an applet is requesting access to your computer, be very wary. It’s that simple. If you click “Deny,” you’re safe.
Next week: Java as the new malware and how to turn Java off in your browser.
This week in Mac Q & A: Do I Need Antivirus For My Mac?