OS X trojan variant preys on Mac users with unpatched Java

“Patching OS X is so simple, but yet there are people who still put it off.,” Adrian Kingsley-Hughes reports for ZDNet. “A new malware variant sets out to punish those who haven’t been keeping up to date with updates.”

“The new variant is a Trojan horse called ‘Flashback.G’ and is makes use of two exploits found on older versions of the Java runtime,” Kingsley-Hughes reports. “According to security firm Intego, this malware uses three tricks to try to get itself installed onto a system: ‘This new variant of the Flashback Trojan horse uses three methods to infect Macs. The malware first tries to install itself using one of two Java vulnerabilities. If this is successful, users will be infected with no intervention. If these vulnerabilities are not available – if the Macs have Java up to date – then it attempts a third method of installation, trying to fool users through a social engineering trick. The applet displays a self-signed certificate, claiming to be issued by Apple. Most users won’t understand what this means, and click on Continue to allow the installation to continue.'”

Read more in the full article here.

MacDailyNews Take: Run Software Update ASAP and make sure you are up-to-date.

Related articles:
Warning: Flashback Trojan horse spreading; Mac users should be wary of Flash installers – September 28, 2011
Apple updates OS X Lion, Snow Leopard malware definitions to address new trojan – September 26, 2011

23 Comments

  1. On Leo Laporte’s Tech Guy broadcast yesterday, he repeated his assertion that there are a number of Mac OSX “viruses” out there in the wild, and recommended that all Mac OSX users purchase antiVirus software. Does this have any basis in fact?

    1. I’m pretty certain that there’s no AV ‘ware that is of any benefit for Macs. It would be interesting to see if there’s any connection between Laporte and any specific AV companies he recommends.
      Not that I’m making any specific accusations, you understand…

    2. I say no. Installing an anti-virus program is relying on a third party rather than Apple who already makes the best protected system.

      I don’t install anything on a Mac that doesn’t come via Software Update, App Store, or from a trusted vendor.

    3. ESET, publisher of Nod32 a Windows AV app with a decent reputation, is a sponsor of his Tech Guy program. Leo has prostituted himself by promoting a Mac version that has no value, just to make a buck. There are no Mac viruses in wild and he knows it. There is Mac malware, such as Trojans, that depend on user stupidity, but no ”viruses” that an AV app could detect.

    4. Laporte… wasn’t he the twit that attempted to file a copyright on the word “podcast” (way back in the early podcast days) so he could charge people for using it (and got a cese and disist from apple). Perhaps he became JAAHTP (Just another Apple hating tech pundit) after Apple swatted his butt.

    5. No, no basis in fact. Only Trojans that use social engineering to fool you.

      Having said that, you can install ClamXav, a free, open-source antivirus software for the Mac. Leo must have some antiviral software sponsoring his podcasts, if he’s promoting the notion.

  2. This functions as drive-by malware, something Mac users have long thought only Windoze PeeCees were affected by.

    And to those who have for years on this site ranted against A-V software, Intego reports that the drive by aspect did not work on even un-patched computers IF A-V software was onboard, despite no definition existing for the particular malware.

  3. Sophos is free for Mac and detects even PC malware on your virtual PC. There is no harm in having it. Been running it for quite a while now.

    No need to be smug and pretend there will never be any threat to Mac users. If all Mac users have max protection, then there will be no chance of a potential future threat to spread.

    Don’t underestimate the ignorance of many Mac users that can be duped into installing something.

  4. Leo has for several years now recommended an AV for MAC users. What he has NEVER done to my knowledge is recommended a specific suite. I do recall about 12-18 months ago on MacBreak Weekly the entire cast going through this very conversation and they covered all the mfg that had AV for the Mac. I think to believe that there will never be a virus for the Mac is wishful thinking at best.

  5. Leo does his best to not show his grudge towards Apple but even though now he makes most of his dime as a result of Apple products. About once a broadcast on any of his shows some little Apple negativity slips out as Leo can’t keep his mouth shut long enough to get back in Apple’s good graces. I even see his producer trying to shut him up sometimes but he often just cannot hold his tongue.

  6. To sidestep the subject of a Mac Trojan for a moment, Leo Laporte is bias against Apple. I have heard his radio broadcasts (Yeah an ACTUAL radio) and he will praise and slavishly talk about how great Android phones. When talking about the iPhone, he just gives it a MEH endorsement. Unless the caller is knowledgable and press Leo, he will reluctantly give the iPhone a slightly better outlook but then he reiterates about the Android phones being open, many different styles to choose, battery easy to replace etc. I listen to the guy when he recommends stereos, wide-screen TV’s, or fixing a software problem (most of it being Windows). When he starts talking about Android phones, I turn down the radio volume for several methods.

  7. I started listening to his podcasts a year ago and stopped listening to them 11 months ago. His voice reminded me of what it must have been like on those old bombing runs in WW2.

Reader Feedback

This site uses Akismet to reduce spam. Learn how your comment data is processed.