New OS X malware steals passwords from browser, chat and email applications and works as a keylogger

  After the problems Java 7 had with an exploit that could be used against any computer, which have since been fixed by an update, we now learn of new Mac malware. It is a keylogger capable of recording everything you type and, of course, sending that data to the hacker who designed it. The malware is called Wirenet.1; it was discovered by a Russian computer security company, and it can steal passwords from third-party browsers and log anything typed into the text boxes of any OS X application.

It also steals passwords entered by the user in several popular browsers (Chrome, Chromium, Firefox and Opera) or stored in other applications including Pidgin, SeaMonkey and Thunderbird. And as if that wasn't enough, it includes a keylogger to capture the user's keystrokes. Wirenet.1 installs itself into the user's home directory using the name WIFIADAPT. The company is still investigating how the malware is being spread. Wirenet.1 is detected and removed by Dr Web's AV products for Mac and Linux, and presumably other vendors will follow suit. One mitigation is to block communication with 212.7.208.65, which is the control server used by the attackers.

  In practice, the malware first steals the password databases of browsers and chat/mail applications, then logs everything you type, so nothing escapes it. Although the malware is dangerous, the good part is that you can delete it from the OS X home directory, because it hides in the WIFIADAPT folder. If you want to be 100% sure that no one will find out your secrets, you can use a firewall application to block any data transmission to the IP 212.7.208.65. In the future, more and more hackers will turn their attention to OS X, but for now users are relatively well protected.
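A host check built from the two indicators the article gives (the WIFIADAPT entry in the home directory and the control server 212.7.208.65), as an added example that is not from the original article or from the vendor. The function names, the fixture layout, the ports and the other addresses in the sample listing are constructed, and the connection listing is assumed to be saved `netstat -an` output.

```shell
#!/bin/sh
# Added example. Indicators (WIFIADAPT, 212.7.208.65) are from the article;
# function names, the fixture and the sample connection lines are constructed.
C2_IP='212.7.208.65'
MARKER='WIFIADAPT'

# Print each home directory under $1 that contains an entry named WIFIADAPT.
find_wifiadapt() {
    for home in "$1"/*; do
        [ -d "$home" ] || continue
        if [ -e "$home/$MARKER" ] || [ -L "$home/$MARKER" ]; then
            printf '%s\n' "$home"
        fi
    done
}

# Count lines of a saved connection listing ($1) that reference the control
# server. Accepts "addr:port" (Linux) and "addr.port" (macOS netstat) and
# rejects look-alikes such as 212.7.208.650 or 1212.7.208.65.
count_c2_lines() {
    esc=$(printf '%s' "$C2_IP" | sed 's/\./\\./g')
    grep -Ec "(^|[^0-9.])${esc}([.:][0-9]+)?([^0-9.]|\$)" "$1" || true
}

# Emit a pf (macOS packet filter) rule dropping outbound traffic to the server.
pf_block_rule() {
    printf 'block drop out quick from any to %s\n' "$C2_IP"
}

# Constructed fixture so the script runs offline. On a real host, pass /Users
# to find_wifiadapt and a saved `netstat -an` capture to count_c2_lines.
demo() {
    tmp=$(mktemp -d)
    mkdir -p "$tmp/Users/alice/$MARKER" "$tmp/Users/bob/Documents"
    cat > "$tmp/conns.txt" <<EOF
tcp4  0  0  192.168.1.20.49152  212.7.208.65.443   ESTABLISHED
tcp4  0  0  192.168.1.20.49153  212.7.208.650.443  ESTABLISHED
tcp   0  0  192.168.1.20:49154  212.7.208.65:443   ESTABLISHED
tcp4  0  0  192.168.1.20.49155  198.51.100.7.443   ESTABLISHED
EOF
    echo "Home directories containing $MARKER:"; find_wifiadapt "$tmp/Users"
    echo "Connection lines to $C2_IP: $(count_c2_lines "$tmp/conns.txt")"
    pf_block_rule
    rm -rf "$tmp"
}
demo
```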

  The method by which a user can become infected is not specified, but I assume that an application must first be run with administrator rights.