Java-based Web Attack Installs Backdoors on Windows, Linux, Mac Computers
By: Lucian Constantin, PC World
A new Web-based social engineering attack that relies on malicious Java applets attempts to install backdoors on
Windows, Linux and Mac computers, according to security researchers from antivirus vendors F-Secure and Kaspersky.
The attack was detected on a compromised website in Colombia, F-Secure senior analyst Karmina Aquino said in a
blog post on Monday. When users visit the site, they are prompted to run a Java applet that hasn't been signed by a
trusted certificate authority.
If allowed to run, the applet checks which operating system is running on the user's computer -- Windows, Mac OS
X or Linux -- and drops a malicious binary file for the corresponding platform.
The files are detected by F-Secure as "Backdoor:OSX/GetShell.A," "Backdoor:Linux/GetShell.A" and
"Backdoor:W32/GetShell.A." Their purpose is to connect to a command-and-control server and look for additional
malicious code to download and execute.