First cross-platform backdoor to run under Linux and Mac OS X

Sep 1, 2012 11:59 GMT

Russian anti-virus company Doctor Web has released an advisory on the emergence of the first cross-platform backdoor to affect OS X and Linux. BackDoor.Wirenet.1 is the first Trojan of its kind capable of running under the two OSes.

The malware is reportedly designed to steal passwords stored by “Internet applications” (web browsers) including Opera, Firefox, Chrome, and Chromium, says Dr. Web.

“BackDoor.Wirenet.1 is the first such Trojan capable of running under any of these operating systems,” it points out.

The Russian AV software vendor is unsure how the Trojan spreads, but the company says it has added the threat to the Dr.Web virus database as BackDoor.Wirenet.1.

The advisory explains that when BackDoor.Wirenet.1 is launched, it creates a copy of itself in the user's home directory and uses the Advanced Encryption Standard (AES) to encrypt communication with its command-and-control server. Dr. Web has identified the server's IP address as 212.7.208.65.
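A defender's check for the server address named above, as an added example that is not from the Dr.Web advisory or this article: it scans saved `ss -tn` (Linux) or `netstat -an` (OS X) output for connections whose remote end is 212.7.208.65. The sample lines, including the local hosts and port 4000, are constructed.

```python
import ipaddress
import re

# Command-server address reported in the advisory quoted above.
C2_ADDRESS = ipaddress.ip_address("212.7.208.65")

# Endpoint forms: "1.2.3.4:443" (Linux ss/netstat), "[::ffff:1.2.3.4]:443"
# (IPv4-mapped IPv6) and "1.2.3.4.443" (OS X netstat puts a dot before the port).
ENDPOINT = re.compile(r"^\[?(?P<host>[0-9A-Fa-f:.]+?)\]?[:.](?P<port>\d+|\*)$")

# Constructed sample output; the local hosts, peers and port 4000 are made up.
SAMPLE = """\
ESTAB 0 0 192.168.1.20:51514 198.51.100.7:443
ESTAB 0 0 192.168.1.20:51520 212.7.208.65:4000 users:(("example",pid=2211,fd=5))
ESTAB 0 0 [::ffff:192.168.1.20]:51522 [::ffff:212.7.208.65]:4000
tcp4 0 0 192.168.1.30.49712 212.7.208.65.4000 ESTABLISHED
tcp4 0 0 192.168.1.30.49713 212.7.208.6.54000 ESTABLISHED
""".splitlines()


def parse_endpoint(token):
    """Return (address, port) for an endpoint token, or None if it is not one."""
    match = ENDPOINT.match(token)
    if not match:
        return None
    try:
        addr = ipaddress.ip_address(match.group("host"))
    except ValueError:
        return None
    # Unwrap ::ffff:a.b.c.d so dual-stack sockets compare equal to the IPv4 address.
    mapped = getattr(addr, "ipv4_mapped", None)
    return (mapped or addr, match.group("port"))


def find_c2_connections(lines):
    """Return (line_number, remote_port, line) for each connection to the server."""
    hits = []
    for number, line in enumerate(lines, 1):
        endpoints = [e for e in map(parse_endpoint, line.split()) if e]
        # ss and netstat both print the local endpoint first, the remote one second.
        if len(endpoints) >= 2 and endpoints[1][0] == C2_ADDRESS:
            hits.append((number, endpoints[1][1], line.strip()))
    return hits


if __name__ == "__main__":
    for number, port, line in find_c2_connections(SAMPLE):
        print(f"line {number}: connection to {C2_ADDRESS} port {port}: {line}")
```

The last sample line is a deliberate near miss: with OS X's dot-separated port, `212.7.208.6.54000` must parse as host 212.7.208.6, not as the reported address.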

“BackDoor.Wirenet.1 also operates as a keylogger (it sends gathered keyboard input data to intruders),” Dr. Web cautions.

“In addition, it steals passwords entered by the user in Opera, Firefox, Chrome, and Chromium, and passwords stored by such applications as Thunderbird, SeaMonkey, and Pidgin,” reads the security bulletin.

As expected, Dr. Web promotes Dr.Web for Mac OS X and Dr.Web for Linux as the appropriate anti-malware tools to rid your system of this Trojan.

“Anti-virus software from Doctor Web successfully detects and removes the backdoor, so the threat does not pose a serious danger to systems protected by Dr.Web for Mac OS X and Dr.Web for Linux,” says the company.

Dr.Web Anti-virus for Mac OS X offers basic protection against viruses and other types of malware targeting not only Mac OS X, but also other operating systems, in order to keep Macs from spreading malware to other platforms.