Web Exploit Found That Customizes Attack For Windows, Mac, and Linux

phaedrus5001 writes with this quote from Ars: "Security researchers have found a live Web exploit that detects if the target is running Windows, Mac OS X, or Linux and drops a different trojan for each platform. The attack was spotted by researchers from antivirus provider F-Secure on a Columbian transport website, presumably after third-party attackers compromised it. The unidentified site then displayed a signed Java applet that checked if the user's computer is running Windows, Mac OS X, or Linux. Based on the outcome, the attack then downloads the appropriate files for each platform."

Re:Java = security nightmare

[amicusNYCL]

You're right, the Java programming language is not a security threat to computers in general. The Java Runtime Environment, and its various browser implementations, however, is definitely a threat. Just like PDF documents are not a threat, but Acrobat Reader is definitely a threat. See here for proof (spoiler: Java was the #1 infection vector, at 37%; Acrobat #2 at 32%).

Re:Blah

[Compaqt]

I haven't tried the exploit, but again:

On my machine, all the important stuff is in the /home directory.

There's nothing really interesting in the "system". I don't even really care about the system. It's just an ISO download away from reinstall.

My files, on the other hand, are what's important.

Re:Blah

[wmbetts]

1) Disable Java by default. I have yet to have a website that I use regularly not work, because Java doesn't run. Whitelist the sites you want to Java on.

2) Don't blindly click and enter your password at every prompt

Those two things alone would make you immune to this.