Flashback.G malware makes mark on Macs

By

Researchers point to rise in infections.

Security software firm Intego has claimed a spike in infections by an "insidious" variant of a Mac trojan it uncovered last year.

Flashback.G malware makes mark on Macs

The company posted "evidence" of the infections gleaned from Apple and Skype discussion boards to its blog.

It first revealed the existence of the variants - dubbed Flashback.G - in early February.

Flashback.G requires very little user intervention. It exploits holes in Java vulnerabilities to install the malware on a user's mac computer.

In the event the user has up-to-date Java settings, the malware masks its installation using a social engineering trick, appearing as a digital certificate from "Apple Inc." that needs to be approved.

The malware installs itself in the /Users/Shared folder and comes with a .so extension with various names.

"One of the clues that a Mac is infected is that certain applications will crash," Intego said.

"This is notably the case for web browsers, such as Safari, or other network programs, such as Skype. This is because the injected code interferes with the program making it unstable."

Most cases of infection have been seen on Macs running OS X 10.6 Snow Leopard. OS X Lion does not come with Java installed.

The firm urged users to update to the latest version of Java and not to click on suspicious digital certificate notifications.

It also urged those who had been infected to send Java applet samples to Intego for further analysis.

Got a news tip for our journalists? Share it with us anonymously here.

Copyright © SC Magazine, Australia

Tags:
flashbackintegolionmacosxsecuritytrojan

Sponsored Whitepapers

Leverage Technologies: Industry-Tailored ERP Implementation for Growth and Compliance
Leverage Technologies: Industry-Tailored ERP Implementation for Growth and Compliance
Service Over Signatures: The Truth About No Lock-In IT
Service Over Signatures: The Truth About No Lock-In IT
Wasabi Reveals Hidden Costs and Cloud Storage Shifts in ANZ for 2025
Wasabi Reveals Hidden Costs and Cloud Storage Shifts in ANZ for 2025
Datacom + Microsoft Azure: Turn Ideas Into Impact in Just 4 Weeks
Datacom + Microsoft Azure: Turn Ideas Into Impact in Just 4 Weeks
Protect APIs. Protect Your Business.
Protect APIs. Protect Your Business.

Events

Most Read Articles

CBA using facial recognition logins to verify disputed payments

CBA using facial recognition logins to verify disputed payments
Qantas contacted by "potential cyber criminal"

Qantas contacted by "potential cyber criminal"
SA Power Networks tackles IAM, cloud security under five-year strategy

SA Power Networks tackles IAM, cloud security under five-year strategy
Qantas facing 'significant' data theft after cyber attack

Qantas facing 'significant' data theft after cyber attack
techpartner.news logo
Dave Stevens on Brennan's evolution and the need for Aussie tech unity
Dave Stevens on Brennan's evolution and the need for Aussie tech unity
Sydney's ITKnocks on contact centre AI and the slow death of the IVR
Sydney's ITKnocks on contact centre AI and the slow death of the IVR
"It's an exciting time to be part of the health and aged care sector"
"It's an exciting time to be part of the health and aged care sector"
Insicon founder Matt Miller on the coming 'tsunami' of compliance and educating boards about cyber security
Insicon founder Matt Miller on the coming 'tsunami' of compliance and educating boards about cyber security
Orro claims Australia first with managed digital asset discovery service
Orro claims Australia first with managed digital asset discovery service

Log In

  |  Forgot your password?