Mac Malware Alert Surfaces as Mountain Lion Goes Live [REPORT]

 By 
Todd Wasserman
 on 
Share on Facebook Share on Twitter Share on Flipboard
Mac Malware Alert Surfaces as Mountain Lion Goes Live [REPORT]
Mashable Image
Credit:

Just as Mac OS X Mountain Lion is going live, security firm Sophos has identified a nasty piece of Mac malware.

The malware, known as Crisis and Morcut, arrived via a file named "AdobeFlashPlayer.jar." The "jar" in this case refers to "Java archive" and are just a ZIP file by another name, according to Sophos. In this case, opening the file will unleash a .class file named WebEnhancer, and "two unassuming-looking files named win and mac." The "mac" is an installer for Crisis or Morcut

However, the good news is that the WebEnhancer applet will trigger the digital signature alert below:

Mashable Image
Credit:

The researcher warns, though, that the malware doesn't necessarily have to be delivered via a ".jar" file -- that's just the way it came about in this case. If you do download Morcut/Crisis, then beware. According to Sophos, "Morcut has kernel driver components to help it hide, a backdoor component which opens up your Mac to others on your network, a command-and-control component so it can accept remote instructions and adapt its behaviour, data stealing code, and more."

SEE ALSO: 3 Ways to Protect Your Mac From Malware

Sophos warns Mac users not to assume that they're safe from malware attacks. Indeed, such threats have been on the rise as the platform has grown in popularity. Another piece of advice is to uninstall Java if you don't need it. "That leaves one less convenience for malware writers."

Have you run across WebEnhancer? Let us know in the comments.

The biggest stories of the day delivered to your inbox.
These newsletters may contain advertising, deals, or affiliate links. By clicking Subscribe, you confirm you are 16+ and agree to our Terms of Use and Privacy Policy.
Thanks for signing up. See you at your inbox!