eWeek: Researchers from security firm F-Secure have reported spotting a rare, cross-platform Trojan in the wild. The malware originated on a Colombian website in the form of a Java applet, which the user must run in order to be infected. What’s unusual about the attack is that it downloads different attack files depending on the operating system of the intended victim. “The JAR file checks if the user’s machine is running in Windows, Mac or Linux then downloads the appropriate files for the platform,” explained F-Secure’s Karmina Aquino.
Although cross-platform malware is somewhat unusual, it’s not unheard of, and this malware isn’t particularly well-crafted. “It’s also interesting to note that the components of this threat are created with readily available hack-tools, namely TrustedSec Social Engineering Toolkit and MetaSploit,” said Lysa Myers, a researcher with security vendor Intego. “This is not something that was cleverly handcrafted, but something that was generated with tools made by other people. And given that the OS X component is not intended for current hardware, it’s likely that the person who planted this threat was not especially technically savvy.”