Flashback.G malware makes mark on Macs

By

Researchers point to rise in infections.

Security software firm Intego has claimed a spike in infections by an "insidious" variant of a Mac trojan it uncovered last year.

Flashback.G malware makes mark on Macs

The company posted "evidence" of the infections gleaned from Apple and Skype discussion boards to its blog.

It first revealed the existence of the variants - dubbed Flashback.G - in early February.

Flashback.G requires very little user intervention. It exploits holes in Java vulnerabilities to install the malware on a user's mac computer.

In the event the user has up-to-date Java settings, the malware masks its installation using a social engineering trick, appearing as a digital certificate from "Apple Inc." that needs to be approved.

The malware installs itself in the /Users/Shared folder and comes with a .so extension with various names.

"One of the clues that a Mac is infected is that certain applications will crash," Intego said.

"This is notably the case for web browsers, such as Safari, or other network programs, such as Skype. This is because the injected code interferes with the program making it unstable."

Most cases of infection have been seen on Macs running OS X 10.6 Snow Leopard. OS X Lion does not come with Java installed.

The firm urged users to update to the latest version of Java and not to click on suspicious digital certificate notifications.

It also urged those who had been infected to send Java applet samples to Intego for further analysis.

Got a news tip for our journalists? Share it with us anonymously here.

Copyright © SC Magazine, Australia

Tags:

Most Read Articles

"Widespread data theft" hits Salesforce customers via third party

"Widespread data theft" hits Salesforce customers via third party

Melbourne dev finds gift card PINs can be brute-forced

Melbourne dev finds gift card PINs can be brute-forced

Western Sydney University targets file-sharing sites hosting stolen data

Western Sydney University targets file-sharing sites hosting stolen data

Travel eSIMs secretly route traffic over Chinese and undisclosed networks: study

Travel eSIMs secretly route traffic over Chinese and undisclosed networks: study

Log In

  |  Forgot your password?