Information Technology Services
New OS X Malware Variant Attacks Unpatched Macs
A new Malware has been released that infects Macs that have not had the latest security updates installed.
This new Malware comes in the form of a Trojan horse called ‘Flashback.G’. It makes use of two exploits found on older versions of the Java runtime. Users with macs running OS X 10.6 ‘Snow Leopard’ are particularly at risk since this version came with Java preinstalled while 10.7 ‘Lion’ did not.
According to security firm Intego, this malware uses three ways to get itself installed onto a system.
This new variant of the Flashback Trojan horse uses three methods to infect Macs. The malware first tries to install itself using one of two Java vulnerabilities. If this is successful, users will be infected with no intervention. If these vulnerabilities are not available – if the Macs have Java up to date – then it attempts a third method of installation, trying to fool users through a social engineering trick. The applet displays a self-signed certificate, claiming to be issued by Apple. Most users won’t understand what this means, and click on Continue to allow the installation to continue.
This Trojan looks for specific websites (such as Google, Yahoo!, CNN, bank websites, PayPal, and so on) and then tries to get the usernames and passwords that logs into them.If you are running OS X 10.6 (Snow Leopard) you are at a greater risk and need to make sure that the latest Java update is installed. You can do this by running the Software Update from the Apple menu.
Note: Do not put this off, DO IT NOW!