New Multi-Platform Web Exploit !! Posted by Adel Mubarak , Sunday, July 15, 2012 at 3:12 PM, in Labels: Security

The attack was detected on a compromised website in Colombia, When users visit the site, they are prompted to run a Java applet that hasn't been signed by a trusted certificate authority. If allowed to run, the applet checks which operating system is running on the user's computer -- Windows, Mac OS X or Linux -- and drops a malicious binary file for the corresponding platform. The files are detected by F-Secure as 'Backdoor:OSX/GetShell.A,' 'Backdoor:Linux/GetShell.A' and 'Backdoor:W32/GetShell.A