New Trojan variant can install without password

A Mac Trojan horse can now infect your computer from little more than a visit to a website

Flashback, a Mac Trojan horse that’s been in the public eye since it was uncovered by security firm Intego last year, has a new trick up its sleeve: It can now infect your computer from little more than a visit to a website.

Originally, Flashback masqueraded as an installer for Adobe’s Flash Player—hence the name—but the malware has changed tacks at last once since then, instead pretending to be a Mac software update or a Java updater.

The latest variant, discovered by security researchers at F-Secure and dubbed OSX/Flashback.K, takes advantage of a weakness in Java SE6. That vulnerability, identified as CVE-2012-0507, allows the malware to install itself from a malicious website the user visits, without needing the user to enter an administrator’s password.

No fix is currently available for this vulnerability on the Mac, although the hole was patched in Java for Windows back in February. Unfortunately, Apple has long been criticized for lagging behind Windows when it comes to updating Java for security patches. However, given that Apple rolls out updates every few months, it seems likely that the company will distribute a patch in the not too distant future.

Until then, F-Secure suggests users deactivate Java on their Macs. The company has also given instructions for checking if your system is currently infected by the Flashback Trojan.

It’s also worth noting that the Java vulnerability has recently been included in the popular BlackHole exploit kit used by many attackers.

While there’s no need for widespread panic, the fact that this latest version of the malware can install itself without the user’s password is enough of a reason for concern that some precautions are necessary. Disabling Java is a good step, but the first line of defense is, as always, to be cognizant of the websites you visit and use common sense.

Join the TechWorld newsletter!

Error: Please check your email address.

More about Adobe SystemsAppleF-SecureIntegoMacs

1 Comment

Walter Leiska


So maybe Apple may wake up and stop advertising that it has no viruses like PCs.
Welcome to the virus club.
Please change your advertisements that you are virus free,
Not any more and it would be be of great benefit to your users
If you got on with the task and show more urgency in having a fix for this problem. Get use to it .
This will not be the last virus for you to fix. You have now entered the real world of modern computing good luck and please don't lie any more about your products Steve is watching.
I think he is going to have a good laugh at the Apple releases its
products. 4G really it must be a fantastic product to change itself
to run on Telstra networks.

Comments are now closed

Top Whitepapers

Twitter Feed

Featured Whitepapers