Java-based Web Attack Installs Backdoors on Windows, Linux, Mac Computers

July 11, 2012

Java-based Web Attack Installs Backdoors on Windows, Linux, Mac Computers

By: Lucian Constantin, PC World

A new Web-based social engineering attack that relies on malicious Java applets attempts to install backdoors on Windows, Linux and Mac computers, according to security researchers from antivirus vendors F-Secure and Kaspersky Lab.

The attack was detected on a compromised website in Colombia, F-Secure senior analyst Karmina Aquino, said in a blog post on Monday. When users visit the site, they are prompted to run a Java applet that hasn't been signed by a trusted certificate authority.

If allowed to run, the applet checks which operating system is running on the user's computer -- Windows, Mac OS X or Linux -- and drops a malicious binary file for the corresponding platform.

The files are detected by F-Secure as "Backdoor:OSX/GetShell.A," "Backdoor:Linux/GetShell.A" and "Backdoor:W32/GetShell.A." Their purpose is to connect to a command-and-control server and look for additional malicious code to download and execute.

About Kaspersky

Kaspersky is a global cybersecurity and digital privacy company founded in 1997. With over a billion devices protected to date from emerging cyberthreats and targeted attacks, Kaspersky’s deep threat intelligence and security expertise is constantly transforming into innovative solutions and services to protect individuals, businesses, critical infrastructure, and governments around the globe. The company’s comprehensive security portfolio includes leading digital life protection for personal devices, specialized security products and services for companies, as well as Cyber Immune solutions to fight sophisticated and evolving digital threats. We help millions of individuals and nearly 200,000 corporate clients protect what matters most to them. Learn more at www.kaspersky.com.

Java-based Web Attack Installs Backdoors on Windows, Linux, Mac Computers

Java-based Web Attack Installs Backdoors on Windows, Linux, Mac Computers

About Kaspersky

Related Articles Press Releases

Kaspersky Lab Joins Forces with Merchant Risk Council to Help Combat eCommerce Fraud

Kaspersky Lab North America Recognized on CRN’s 2018 Security 100 List

Kaspersky Lab North America Releases its Inaugural Corporate Social Responsibility Report

Kaspersky Lab Appeals U.S. Department of Homeland Security Debarment

Poor Security Practices put Cloud-Driven Business Growth and Cost Savings at Risk

Kaspersky Lab Story of the Year 2017: More Than One Quarter of Ransomware Attacks Target Businesses

Kaspersky Lab Survey: IT Security Experts Uncertain on How to Combat Targeted Attacks

Kaspersky Lab Creates Pop-Up Shop Experience Using New Currency to Showcase the Value of Personal Data

Kaspersky Lab Enters Endpoint Detection and Response Market with New Solution

Kaspersky Lab North America Champions National Cyber Security Awareness Month 2017