New Mac OS X Trojan: Boonana malware Archived
Virus Name: trojan horse, trojan.osx.boonana


Virus Description:

Posted: October 26th, 2010
Updated: November 4th, 2010

SecureMac has discovered a new trojan horse in the wild that affects Mac OS X, including Snow Leopard (OS X 10.6), the latest version of OS X. The trojan horse, trojan.osx.boonana.a, is spreading through social networking sites, including Facebook, disguised as a video. The trojan is currently appearing as a link in messages on social networking sites with the subject "Is this you in this video?"


Update: Nov 4th, 2010

Trojan Horse Alert: A new variant of the Boonana malware, first documented and named by SecureMac, has been discovered by ESET. The new variant, trojan.osx.boonana.b, behaves in a very similar manner to the original malware, and is currently being distributed on multiple sites. In addition to the website documented by ESET as currently distributing the malware, SecureMac has identified two more websites that are currently hosting the new malware variant. Rather than the initial site which tricks users into running (and installing) the malware, these servers seem to be hosting update code for the malware.
Read More

Visit the Boonana advisory page http://www.securemac.com/boonana-bulletin.php for more details about the Trojan horse trojan.osx.boonana.a including initial analysis and removal instructions or download Boonana Trojan Horse Removal Tool at http://macscan.securemac.com/files/BTRT.dmg directly.


Recommended Action:

Download an run the removal tool at:
http://macscan.securemac.com/files/BTRT.dmg

Also download and install Symantec End Point (SEP) for Macintosh at:
http://www.queensu.ca/its/software/mac.html