Flashback.G malware makes mark on Macs

By

Researchers point to rise in infections.

Security software firm Intego has claimed a spike in infections by an "insidious" variant of a Mac trojan it uncovered last year.

Flashback.G malware makes mark on Macs

The company posted "evidence" of the infections gleaned from Apple and Skype discussion boards to its blog.

It first revealed the existence of the variants - dubbed Flashback.G - in early February.

Flashback.G requires very little user intervention. It exploits holes in Java vulnerabilities to install the malware on a user's mac computer.

In the event the user has up-to-date Java settings, the malware masks its installation using a social engineering trick, appearing as a digital certificate from "Apple Inc." that needs to be approved.

The malware installs itself in the /Users/Shared folder and comes with a .so extension with various names.

"One of the clues that a Mac is infected is that certain applications will crash," Intego said.

"This is notably the case for web browsers, such as Safari, or other network programs, such as Skype. This is because the injected code interferes with the program making it unstable."

Most cases of infection have been seen on Macs running OS X 10.6 Snow Leopard. OS X Lion does not come with Java installed.

The firm urged users to update to the latest version of Java and not to click on suspicious digital certificate notifications.

It also urged those who had been infected to send Java applet samples to Intego for further analysis.

Got a news tip for our journalists? Share it with us anonymously here.

Copyright © SC Magazine, Australia

Tags:

Most Read Articles

CBA using facial recognition logins to verify disputed payments

CBA using facial recognition logins to verify disputed payments

Qantas contacted by "potential cyber criminal"

Qantas contacted by "potential cyber criminal"

SA Power Networks tackles IAM, cloud security under five-year strategy

SA Power Networks tackles IAM, cloud security under five-year strategy

Qantas facing 'significant' data theft after cyber attack

Qantas facing 'significant' data theft after cyber attack

Log In

  |  Forgot your password?