News of the new Careto malware has been making the rounds after over 1,000 victims in 31 countries were reportedly infected, whether on Mac, Windows or Linux computers. While currently inactive, following discovery by malware researchers, the malware’s attacks could restart at any time, says Gizmodo.
Intego’s Mac anti-virus software, VirusBarrier, with up-to-date malware definitions offer protection against Careto and all other known Mac malware.
Relying on phishing emails to infect computers, the Careto malware is able to log network traffic, record keystrokes, spy on Skype conversations and specifically searches for encryption keys, SSH keys or VPN settings to report back to its command and control servers.
Observed attacks were using multiple vectors, according to security researchers. These include at least one Adobe Flash Player exploit (CVE-2012-0773), social engineering, coercing users to download and execute a JavaUpdate.jar file or to install a Chrome browser plugin. Other exploits may exist as well.
It is not yet known who is responsible for Careto. Its high level of operational security and complexity has led researchers to believe that Careto might be state-sponsored. Intego will provide updates as soon as more information becomes available.