Sophos is warning of a new malware that targets both Windows and Mac OS X operating systems.
The security company says that the Morcut Mac OS X malware, also known as ‘Crisis’, is a Trojan, hidden inside a multi-platform Java attack, that is disguised as Adobe Flash Player. When run on an OS X system, the malware drops multiple components, reconfigures system settings and installs a backdoor and rootkit combination that connects to a remote server and waits for instructions from malicious hackers. On a Windows system, a version of the Swizzor malware is installed instead.
The company says that although Morcut Mac has yet to be seen in the wild, it is a sophisticated attack that could catch OS X users if they are not using an up-to-date anti-virus application.
“Analysis of this malware is ongoing, but Mac users are protected right now if they are running a good, up-to-date anti-virus,” said Graham Cluley, senior technology consultant for Sophos. “The good news is that this threat has not been seen in the wild so far, but we are seeing increasing evidence of cybercriminals exploiting the fact that many Mac users have still not got the message that they need to protect their computers. There is much less malware for Macs than there is for Windows, but that doesn’t mean it’s non-existent. If Mac users are too laid-back about security and leave their bellies exposed, they’re asking for trouble.”
Sophos has a free anti-virus for Mac home users available here.
