New OS X malware variant attacks unpatched Macs

Summary:A new malware variant sets out to punish those who haven't been keeping up to date with updates.

Patching OS X is so simple, but yet there are people who still put it off. A new malware variant sets out to punish those who haven't been keeping up to date with updates.

The new variant is a Trojan horse called 'Flashback.G' and is makes use of two exploits found on older versions of the Java runtime. Users with macs running OS X 10.6 'Snow Leopard' are particularly at risk since this version came with Java preinstalled while 10.7 'Lion' did not.

According to security firm Intego, this malware uses three tricks to try to get itself installed onto a system:

This new variant of the Flashback Trojan horse uses three methods to infect Macs. The malware first tries to install itself using one of two Java vulnerabilities. If this is successful, users will be infected with no intervention. If these vulnerabilities are not available – if the Macs have Java up to date – then it attempts a third method of installation, trying to fool users through a social engineering trick. The applet displays a self-signed certificate, claiming to be issued by Apple. Most users won’t understand what this means, and click on Continue to allow the installation to continue.

Image credit: Intego

This Trojan looks for specific websites (such as Google, Yahoo!, CNN, bank websites, PayPal, and so on) and tries to grab the user names and passwords used to log onto the sites.

If you are running OS X 10.6 then it is vitally important that you check to see that you have the latest Java update installed by running Software Update from the Apple menu.


Topics: Enterprise Software, Apple, Hardware, Security


Adrian Kingsley-Hughes is an internationally published technology author who has devoted over a decade to helping users get the most from technology -- whether that be by learning to program, building a PC from a pile of parts, or helping them get the most from their new MP3 player or digital camera.Adrian has authored/co-authored technic... Full Bio

zdnet_core.socialButton.googleLabel Contact Disclosure

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Related Stories

The best of ZDNet, delivered

You have been successfully signed up. To sign up for more newsletters or to manage your account, visit the Newsletter Subscription Center.
Subscription failed.