• Home
  • News
  • OS X
  • Flashback.G Trojan Hits the Mac, Exploits Old Java Vulnerabilities

Flashback.G Trojan Hits the Mac, Exploits Old Java Vulnerabilities

Flashback.G Trojan Hits the Mac, Exploits Old Java Vulnerabilities

A new variation of the Flashback trojan, called “Flashback.G” is reported to be “in the wild” and exploits two vulnerabilities found in an old version of Java run-time. People running Snow Leopard and an older Java run-time are at the highest risk.

Christian Zebreg writing for 9to5Mac:

A new variant of the Flashback trojan horse called “Flashback.G” is reportedly out in the wild and able to exploit a pair of vulnerabilities found in an older version of Java run-time, according to a blog post by antivirus maker Intego yesterday. People running Snow Leopard and an older Java run-time are at high risk as the primary spreading method calls for maliciously crafted websites. When visiting such pages, the malware exploits a browser’s security settings and installs itself without any intervention on the user’s part.

Even if you use the latest Java run-time installation, the malware can still falsely report a Java certificate as signed by Apple (though it is reported as untrusted), duping naïve users into clicking the Continue button in the certificate window and letting the trojan infect the host system.

Once infected, the trojan will grab your personal data and upload it into the cloud. Data such as usernames and passwords for popular websites like Google, PayPal, eBay and others will be stolen. One indication that you’ve been infected: crashes in Safari, Skype, and other apps with embedded browser content.

Protecting yourself from this evil little piece of code is easy. Coincidentally, Intego’s own anti-virus software, VirusBarrier X6 has been updated to warn you of any install attempts. Or, you can simply update your OS X installation by running “Software Update” from the Mac menu.

As always, the best way to protect yourself and your Mac from nasty little surprises like this is to always practice “safe computing”. Apply the latest software updates. (I check for updates at least once a week.) Only download or run files from trusted sources. Never allow anything to have access to your valuable data without knowing the source. Stay in the well lit areas of the Internet, it’s the best way to keep you and your data safe from the bad guys.

  1. 225831 466187Spot on with this write-up, I need to say i believe this outstanding web site needs a lot a lot more consideration. Ill probably be once once more to learn an excellent deal more, several thanks that data. 851550

  2. 927054 802357Hey, you used to write amazing, but the last few posts have been kinda boring I miss your tremendous writings. Past couple of posts are just slightly out of track! come on! 15092

  3. 123775 453544We are a group of volunteers and opening a new system in our community. Your web web site given us with valuable information to function on. Youve done an impressive job and our entire community will be grateful to you. 796869

  4. 204601 527024dog grooming could be the specialty of my sister, she truly loves grooming every dog in our house 726444

Leave a Reply

Your email address will not be published.