Russian security firm Dr.Web has identified a new Trojan named BackDoor.Wirenet.1 which runs on both Linux as well as Mac OS X. This is the first ever cross platform Trojan that has been discovered to affect both of the aforementioned operating systems.
At the moment, a lot of information is not available on this malware. But the research is going on and it is said to steal passwords from all of the popular browsers such as Safari, Chrome, Opera and Chromium. It also steals passwords from applications such as Thunderbird, SeaMonkey and Pidgin.
According to Dr.Web, when executed, the Trojan copies itself to the user’s home directory – that is % home%/WIFIADAPT.app.app in MAC OS X and ~/WIFIADAPT in Linux.
Cross platform Trojans are not rare. Trojans that affect Windows and Macs have been identified in the past. A recently discovered Trojan used to check which Operating System the affected user was running and downloaded the payload accordingly. Another one was discovered in May that used unpatched Java vulnerability to open backdoors in Windows and Mac. But as I mentioned before, this is the first time that a cross platform Trojan affecting Mac and Linux has been discovered. We will be updating this article as more details are released.