Linux users targeted by password-stealing 'Wirenet' Trojan

03.09.2012
Malware writers are interested in Linux after all, with a Russian security firm finding a shadowy Trojan that sets out to steal passwords on the open source platform as well as OS X.

Technical details of Wirenet.1's operation and technique for spreading are sparse for now, but the company reports that the backdoor program targets browser passwords for Opera, Firefox, Chrome and Chromium, as well as applications such as Thunderbird, SeaMonkey and Pidgin.

Under Linux it copies itself to the ~/WIFIADAPT directory before attempting to connect to a command and control server hosted at 212.7.208.65 using an AES-encrypted channel. That at least offers a simple way of blocking communication and any further payloads.
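The two indicators reported above (the drop directory and the server address) can be checked on a Linux host with a short script. This is an added example, not code from the article or the security firm; the function names are assumptions, and it only covers IPv4 socket listings as printed by `ss -tn`.

```shell
#!/bin/sh
# Added example: host check for the two indicators named in the article.
C2_IP="212.7.208.65"   # command and control address given in the article
DROP_DIR="WIFIADAPT"   # directory the Trojan copies itself to under ~

# Print the drop directory path for every home directory (arguments) that has one.
find_wirenet_dirs() {
    for home in "$@"; do
        if [ -d "$home/$DROP_DIR" ]; then
            printf '%s\n' "$home/$DROP_DIR"
        fi
    done
}

# Read a socket listing (e.g. `ss -tn`) on stdin and print the lines that have
# the C2 address as an endpoint. The address is compared as a whole token before
# ":port", so look-alikes such as 212.7.208.650 do not match.
c2_connections() {
    awk -v ip="$C2_IP" '{
        for (i = 1; i <= NF; i++) {
            n = split($i, part, ":")
            if (n == 2 && part[1] == ip) { print; next }
        }
    }'
}

# Print (do not run) a firewall rule that drops outbound traffic to the server.
block_rule() {
    printf 'iptables -A OUTPUT -d %s -j DROP\n' "$C2_IP"
}

# Run the checks on this host; any output is a hit worth investigating.
find_wirenet_dirs /home/* /root
if command -v ss >/dev/null 2>&1; then
    ss -tn 2>/dev/null | c2_connections
fi
```

A hit from either check is a reason to isolate the host and rotate the browser, mail and chat passwords it stored; `block_rule` prints the rule for review rather than applying it.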

Dr Web made a name for itself earlier this year that hit Mac users on an unprecedented scale.

It's not clear whether Wirenet's cross-platform capabilities extend to targeting Windows systems, but it is possible that avoiding Microsoft's OS is a way of keeping off the radar of security firms.

Cross-platform malware is rare but not unheard of, the usual technique being to hook into Java in search of victims using OS X.