The Mac is facing another dangerous malware onslaught, but this time cybercriminals are targeting Linux, too. Dr. Web, the same people who caught the infamous Flashback Trojan earlier this year, say that Wirenet is being used to steal the passwords of Mac and Linux users.
Wirenet targets passwords stored in browsers like Chrome, Firefox, and Opera (strangely, it doesn’t seem to be targeting Safari, the Mac’s default browser), as well as email and messaging apps Thunderbird and Pidgin. And even though it’s only specifically targeting those apps, don’t think any of your data is safe, since Wirenet includes a keylogger to capture every single thing you type.
Once it’s installed itself on your home directory, Wirenet masquerades as an unassuming Wi-Fi utility called ‘WIFIADAPT.’ That’s where the gap in our data starts to show, too, since Dr. Web is still investigating how the malware is actually being spread.
If you’re using a system that could potentially be infected, you’ve got a couple of recourses. There’s the obvious route of depending on Dr. Web’s anti-virus products to keep you safe (they’d like that, wouldn’t they?), or the less obvious step of blocking the server that’s controlling Wirenet. Doing this is apparently a simple matter of cutting off communication with the IP address 220.127.116.11. Exactly how you do that will depend on what kind of system you’re using, but we think you’ll be able to figure it out.
It’s becoming increasingly apparent that the Mac is not safe from malware (although, as we’ve pointed out before, the fact that something like this is making the news goes to show that it’s still not as widespread a problem as it is on certain other platforms).
What we haven’t heard a lot about, though, is Linux infections. Even though Linux represents a tiny blip on hacker’s radar, it may be worth your time to consider investing in a little extra protection – or just common sense – next time you’re using a Linux box.