Java-based Web Attack Installs Backdoors on Windows, Linux, Mac Computers
By: Lucian Constantin, PC World
A new Web-based social engineering attack that relies on malicious Java applets attempts to install backdoors on Windows, Linux and Mac computers, according to security researchers from antivirus vendors F-Secure and Kaspersky Lab.
The attack was detected on a compromised website in Colombia, F-Secure senior analyst Karmina Aquino, said in a blog post on Monday. When users visit the site, they are prompted to run a Java applet that hasn't been signed by a trusted certificate authority.
If allowed to run, the applet checks which operating system is running on the user's computer -- Windows, Mac OS X or Linux -- and drops a malicious binary file for the corresponding platform.
The files are detected by F-Secure as "Backdoor:OSX/GetShell.A," "Backdoor:Linux/GetShell.A" and "Backdoor:W32/GetShell.A." Their purpose is to connect to a command-and-control server and look for additional malicious code to download and execute.