A new form of Java malware has a multifaceted approach as it can infect Apple and Windows machines, Symantec said.
A strain of Java Applet malware either drops a Python-based malware in Mac operating systems or an executable-form of malware in Windows computers, said Symantec researcher Takashi Katsuki. If opened, either form of malware could launch a Trojan that could trigger a back door on the computer, regardless of the platform.
The malware exploits the Oracle Java SE Remote Java Runtime Environment Code Execution Vulnerability (CVE-2012-0507) to download the malware.
The Mac back door Trojan can currently only control polling times, or “how many times it gets commands from the server at certain time intervals,” Symantec said. If enabled however, the Trojan can also download files, list files and folders, open a remote shell, sleep or upload files.
The Trojan for Windows can send information about the infected computer and disk, its memory usage, OS version and user name, in addition to downloading and executing files and opening shells to receive commands.
The news of this malware comes on the heels of Flashback and SabPub, two forms of malware that have been targeting Mac users throughout the first quarter via another vulnerability in Java.
The vulnerability CVE-2012-0507 — an older Java flaw just blocked by Mozilla’s Firefox – saw use by some Flashback variants earlier this month, before Apple patched it.