Password stealing trojan hits Mac OS X and Linux, declared “first in history” to affect both platforms

Russian security firm Doctor Web is reporting the discovery of a password stealing trojan that is taking aim at Mac OS X and Linux. (Should have bought a Windows.)

According to Doctor Web, the maker of Dr. Web Anti-Virus and related products, the BackDoor.Wirenet.1 trojan (a name Dr. Web gave to it) is “designed to steal passwords stored by a number of popular Internet applications”, such as Opera, Firefox, Chrome, Thunderbird, SeaMonkey, and Pidgin. Dr. Web says this trojan also has a keylogger component which logs all the keys you type, stealing passwords that way, too.

This is “the first Trojan in history to steal Linux and Mac OS X passwords”, if Dr. Web is to believed.

Dr. Web does not know exactly how this trojan is spreading but they do say that, when downloaded, this malware creates a copy of itself in home directories (folder% home% / WIFIADAPT.app.app for Mac OS X and  ~ / WIFIADAPT for Linux) and uses AES encryption to communicate with a server located at IP address 212.7.208.65.

Of course Dr. Web wants you to know that you can protect yourself from this trojan by grabbing Dr. Web for Mac OS X or Dr. Web for Linux (the products aren’t free but they do have trials). If you don’t want to shell out the money for Dr. Web, you can either wait until your current anti-virus is updated to clean this trojan (if you have an anti-virus installed, you smug jerk) or manually try to protect yourself by deleting any files/folders named “WIFIADAPT” and blocking the 212.7.208.65 IP address.

Yes, Macs do not get PC [Windows] viruses. Apple doesn’t lie.

[via Forbes | Image via St0rmz]

Related Posts