A new piece of Mac malware has been detected by Mac security experts. Security firm Sophos spotted the malware, which is variously called Crisis and Morcut. It is reported to spread on Macs via a file named “AdobeFlashPlayer.jar.” According to Sophos analysts, ‘jar’ in the file name stands for ‘Java archive.’ The Mac malware arrives as a ZIP file. When opened, the archive yields a class file named WebEnhancer and two other files called ‘mac’ and ‘win.’ The former is suspected to be the installer of the malware.
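The archive layout described above can be checked for during triage. The following is an added example, not code from Sophos or from the article: it flags a JAR that contains the three reported entry names or any entry that starts with a native executable header. The `.class` suffix on WebEnhancer, and the idea that the bundled files would be native executables, are assumptions the article does not state; the sample archive is constructed and inert.

```python
import io
import struct
import zipfile

# Names from the article; the ".class" suffix on WebEnhancer is an assumption.
REPORTED = {"WebEnhancer.class", "mac", "win"}
MACHO = {b"\xcf\xfa\xed\xfe", b"\xce\xfa\xed\xfe", b"\xfe\xed\xfa\xcf", b"\xfe\xed\xfa\xce"}

def classify(head):
    """Name the native executable format of a file header, or return None."""
    if head[:2] == b"MZ":
        return "PE"
    if head[:4] == b"\x7fELF":
        return "ELF"
    if head[:4] in MACHO:
        return "Mach-O"
    if head[:4] == b"\xca\xfe\xba\xbe" and len(head) >= 8:
        # Java classes share this magic with Mach-O universal binaries. A class
        # stores minor/major version here (major >= 45); a universal binary
        # stores a small architecture count.
        if struct.unpack(">I", head[4:8])[0] < 45:
            return "Mach-O universal"
    return None

def triage_jar(data):
    """Report article-named entries and native executables inside a JAR."""
    names, native = [], {}
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        for info in zf.infolist():
            if info.filename.rsplit("/", 1)[-1] in REPORTED:
                names.append(info.filename)
            with zf.open(info) as fh:
                kind = classify(fh.read(8))
            if kind:
                native[info.filename] = kind
    bases = {n.rsplit("/", 1)[-1] for n in names}
    return {"reported_names": names, "native": native,
            "suspicious": bases == REPORTED or bool(native)}

def build_sample():
    """Constructed, inert archive: headers only, no real code."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("WebEnhancer.class", b"\xca\xfe\xba\xbe\x00\x00\x00\x32")
        zf.writestr("mac", b"\xcf\xfa\xed\xfe" + b"\x00" * 12)
        zf.writestr("win", b"MZ" + b"\x00" * 14)
    return buf.getvalue()

if __name__ == "__main__":
    print(triage_jar(build_sample()))
```

A legitimate JAR can carry native libraries, so a hit is a reason to look closer, not a verdict.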
Nevertheless, analysts have not seen the malware in the wild. It still appears risky, because once a machine is infected the malware can open a backdoor component that will let hackers on your network access your computer, security analysts warn. “Morcut has kernel driver components to help it hide, a backdoor component which opens up your Mac to others on your network, a command-and-control component so it can accept remote instructions and adapt its behavior, data stealing code, and more,” says Sophos.
Security analysts have not yet concluded their findings on this malware, and analysis of how it attacks a Mac is still under way. Sophos analysts are working to learn more about the dangers that Crisis, also known as Morcut, may pose to the Mac ecosystem. Crisis may prove as dangerous as the recently spotted Flashback Backdoor Trojan. “While analysis of this malware is ongoing, Mac users are protected if they are running a good, up-to-date anti-virus,” comments Brett Myroff, chief executive of NetXactics, a Sophos distributor.
“This threat has not been seen in the wild so far, but we are seeing increasing evidence of cyber criminals exploiting the fact that many Mac users still do not protect their computers. There is much less malware for Macs than there is for Windows, but that doesn’t mean it’s non-existent. If Mac users are too laid back about security, they are asking for trouble,” he adds.
Indeed, many security analysts are perplexed to hear that yet another serious Flash-driven malware is targeting Mac computers. As Myroff remarked, there is much less malware for Macs; most malware attacks affect Windows PCs. The development calls for special diligence on the part of Mac security analysts. The growing amount of Mac malware points to the fact that hackers have managed to break into the network of Macs through Flash-based malware. Security analysts have advised Mac users to uninstall Flash if they do not find it necessary, to protect their machines from future malware attacks.
It is worrying that the Crisis malware was detected just ahead of the official launch of OS X 10.8 Mountain Lion. Security analysts have found that the malware runs on recent versions of OS X, 10.6 and 10.7. It may therefore be a threat to Mountain Lion, which was released on Wednesday July 27, 2012. Security analysts have urged Mac users across the world to update their antivirus software so that their Macs can fight the Crisis and Morcut malware.