Researchers at F-Secure have uncovered a new exploit that attempts to install backdoor malware on Windows, Linux and versions of MAC OS X operating systems. While malware in general is common, cross platform vulnerability is a relatively new concept and serves as a reminder to keep your software up to date, regardless of which operating system you use.
The multi-platform malware was first discovered on a Columbian transport website and uses a modified Java applet with a self-signed security certificate. All operating systems should flag the certificate and present a warning but if a user continues to run the Java applet then additional malware will be downloaded. Legitimate online services and retailers use web security certificates to authenticate transactions and ensure service are legitimate and secure. While there are instances where a self-signed certificate is acceptable in most cases it is in your best interest to refuse them until you can verify their origin.
If you encounter a questionable website remember that anyone can check the security level of the site. You can view a website’s security certificate by clicking on the secure connection indicator that will appear in or near your Web browser’s address bar. Internet Explorer 9 displays this information to the right of the address but every browser is slightly different.
While this particular piece of malware should be avoidable it’s important to remember that as attacks become more sophisticated the best source of protection is threat awareness and an up-to-date operating system.
– Richard Keene
IT Computer Support of New York
Design and Optimization Department
