{"id":5069,"date":"2012-07-13T19:18:18","date_gmt":"2012-07-14T02:18:18","guid":{"rendered":"http:\/\/www.intego.com\/mac-security-blog\/?p=5069"},"modified":"2016-02-12T10:28:42","modified_gmt":"2016-02-12T18:28:42","slug":"another-multi-platform-trojan-variant-discovered","status":"publish","type":"post","link":"https:\/\/www.intego.com\/mac-security-blog\/another-multi-platform-trojan-variant-discovered\/","title":{"rendered":"Another Multi-Platform Trojan Variant Discovered"},"content":{"rendered":"

Earlier this week we wrote about a new multi-platform Backdoor trojan<\/a> that uses a Java component to determine which OS is being used and then delivers a different version of the threat for Windows, Linux or OS X. Previous variants would not work on OS X versions newer than Snow Leopard as the threat required Rosetta to function on Intel hardware.<\/p>\n

Now a new variant has been discovered that no longer has this restriction on OS X. This is not unexpected with threats generated by kits, such as the previous\u00a0 variant \u2013 it\u2019s common to continue modifying the threat over time to make more effective malware. We’ve seen this with a variety of recent OS X threats such as Tibet<\/a>, Sabpab<\/a> and Flashback<\/a>.<\/p>\n

Because malware authors frequently try to refine their creations over time, we always endeavor to add generic detection for threats that will protect against new variants. This new Backdoor is another case where generic detection has been effective; components of the new variant are detected with current virus definitions as OSX\/ShellCode.gen or OSX\/MetaData.gen.<\/p>\n

In order to protect yourself against this new threat, make sure you have the latest virus definitions for Intego VirusBarrier X6<\/a>. You may also wish to disable Java, as this is frequently used by malware to silently install new malware.<\/p>\n","protected":false},"excerpt":{"rendered":"

There has been a new variant of a multi-platform Backdoor trojan discovered that no longer requires Rosetta to be run on OS X using Intel hardware. It uses a Java component to determine what OS is being used, and then delivers a different version of the threat for Windows, Linux or OS X.<\/p>\n","protected":false},"author":6,"featured_media":4535,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"spay_email":"","jetpack_publicize_message":"","jetpack_is_tweetstorm":false},"categories":[190,5],"tags":[30,86,132],"yoast_head":"\n\n\n\n\n\n\n\n\n\n\n\n\n\t\n\t\n\n\n\t\n\t\n\t\n