Home / / Sophos warns of new OS X and Windows threat

Sophos warns of new OS X and Windows threat

Morcut Mac OS X malware designed to attack both Windows and OS X systems

Sophos warns of new OS X and Windows threat
Sophos says that Morcut is a complex attack that targets both Mac and Windows.

Sophos is warning of a new malware that targets both Windows and Mac OS X operating systems.

The security company says that the Morcut Mac OS X malware, also known as ‘Crisis', is a Trojan, hidden inside a multi-platform Java attack, that is disguised as Adobe Flash Player. When run on an OS X system, the malware drops multiple components, reconfigures system settings and installs a backdoor and rootkit combination that connects to a remote server and waits for instructions from malicious hackers. On a Windows system, a version of the Swizzor malware is installed instead.

The company says that although Morcut Mac has yet to be seen in the wild, it is a sophisticated attack that could catch OS X users if they are not using an up-to-date anti-virus application.

"Analysis of this malware is ongoing, but Mac users are protected right now if they are running a good, up-to-date anti-virus," said Graham Cluley, senior technology consultant for Sophos. "The good news is that this threat has not been seen in the wild so far, but we are seeing increasing evidence of cybercriminals exploiting the fact that many Mac users have still not got the message that they need to protect their computers. There is much less malware for Macs than there is for Windows, but that doesn't mean it's non-existent. If Mac users are too laid-back about security and leave their bellies exposed, they're asking for trouble."

Sophos has a free anti-virus for Mac home users available here.

Follow us to get the most comprehensive IT Security news delivered fresh from our social media accounts on Facebook, Twitter, Youtube, and listen to our Weekly Podcast. Click here to sign up for our weekly newsletter on curated technology news in the Middle East and Worldwide.

REGISTER NOW | Webinar Event | Security you can bank on – Safeguarding the Middle East’s financial sector

Presented in partnership with security and network specialist Cybereason, the second in the three part webinar series will bring together a panel of experts to discuss how banks and financial institutions are evolving their service offering while simultaneously staying one step ahead of the cyber criminals who seek to bring their operations crashing to the ground.