Crisis Malware Also Targets Windows Mobile and VMware Machines
Crisis malware, also known as Morcut, which was discovered last month, has been found to have the to ability to infect four platforms - Mac OS X, Windows, VMware virtual machines and Windows Mobile smartphones - rather than the two previously discovered..
The Crisis malware was uncovered on the same day OS X Mountain Lion was launched. The malware targeting is capable of opening up the user's computer to other computers on the network, and allow it to be controlled by a remote server as well as steal data from the user's computer.
The malware is said to be able to record Skype conversations and capture traffic from instant messaging programs such as Adium and Microsoft Messenger, according to PCWorld.
Crisis hoaxes users into running a malicious Java applet, detect the respective operating systems and then run via a Java Archive (JAR) file by using "social engineering techniques". A JAR file is a ZIP file on the Java platform.
Symantec reports that the malware uses three different ways to spread: copy itself and an autorun.inf file onto a removable disk drive; slip onto a VMware virtual machine; or drop modules onto a Windows powered mobile device.
According to Symantec, Crisis is said to look out for an image on a VMware virtual machine, mount the image and copy itself onto the image via VMware Player tool. VMware Player is a tool which is used to run multiple operating systems simultaneously on a PC.
"This may be the first malware that attempts to spread onto a virtual machine. Many threats will terminate themselves when they find a virtual machine monitoring application, such as VMware to avoid being analyzed, so this may be the next leap forward for malware authors," Takashi Katsuki, a Symantec researcher wrote, in a blog post.
The Crisis malware reportedly affects Windows mobiles devices and not Android or iOS devices. Malware attacks targeting Android smartphones and tablets have increased threefold in the second quarter of 2012 accordignto figures reported by Kaspersky.
In July, a piece of malware known as Android.Dropdialer was uncovered in popular games in Google's app store, Super Mario Bros and GTA 3 Moscow City.
© Copyright IBTimes 2024. All rights reserved.