Warning out vs new cross-platform malware

Security vendors warned computer users over the weekend against a new malware that can potentially affect various platforms that support Java.

 

In a blog post, Trend Micro pointed out at least one computer has been found infected in Australia, and another in Malaysia.

 

"Because it is a Java application, it can run on any platform that supports the Java Runtime Environment. When it was first reported, it was considered low risk and no actual infection was recorded. However, days after the report was released, Trend Micro successfully cleaned two infection counts; one in Australia and one in Malaysia. This indicates that the malware is now being distributed in the wild," Trend Micro's Johanne Demetria said.

 

Demetria described Jacksbot as a remote-access Trojan that can take control of an infected system, with backdoor commands for all operating systems.

 

The malware may present itself as a modification to "Minecraft" as it contains the special command "MC" to steal "Minecraft" passwords, Demetria added.

 

However, Demetria said it appears the malware's main target appears to be computers running Windows.

 

"A deeper look into the malware’s routines reveals that it is capable of visiting URLs, creating files and/or folders, running shell commands as well as executing and ending programs. It can also steal information by logging keystrokes and mouse events," Demetria said.

 

For now, Trend Micro advised users to "be cautious before downloading files from suspicious URLs, especially cracks or hacks, as these may lead to the system compromise."

 

Meanwhile, security vendor Intego, which discovered the malware last October, said the malware is capable of:

 

- gathering system information

- taking screenshots

- performing denial of service attacks

- deleting files

- stealing passwords

- visiting remote URLs, likely to perform Clickfraud

 

— TJD, GMA News