Apple releases patch as 600k Macs infected with the Flashback Trojan

Apple releases patch as 600,000 Macs infected with the Flashback Trojan

The critical update to Apple’s version of Java for Mac OS X plugs at least a dozen security holes in the program and mends a flaw that attackers have recently pounced on to broadly deploy a malicious software program, known as Flashback Trojan, both on Microsoft’s Windows and Apple’s Mac operating systems.

Flashback Trojan’s most recent variant (it has been around since 2011) self installs after users visit legitimate websites that have been infected to distribute the program – a process known as drive-by download. Once installed, the malware sniffs data traffic from the computer in search for user names and passwords.

The update, Java for OS X Lion 2012-001 and Java for Mac OS X 10.6 Update 7, sews up an extremely serious security vulnerability (CVE-2012-0507) that miscreants recently rolled into automated exploit kits designed to deploy malware to Windows users. But in the past few days, information has surfaced to suggest that the same flaw has been used with great success by the Flashback Trojan to infect large numbers of Mac computers with malware.

Flashback is an increasingly sophisticated malware strain that sniffs network traffic in search of user names and passwords. Early versions of it prompted Mac users to enter their password before it would run, but the most recent strains will happily infect vulnerable Mac systems without requiring a password, writes Ars Technica, among others. F-Secure has additional useful information on this Trojan attack here.

Mac Flashback torjan
Flashback-infected Macs. Source: Dr.Web.com
); ga('send', 'pageview');