Over 600,000 Macs globally were reported last week by a leading security vendor to be infected with a Mac botnet. A couple of hundred of these infected Mac systems ironically were found to be based in Cupertino, California – I didn’t say Apple Inc here.
The Flashback Trojan uses a Java applet (a recurring theme with Java bugs) to infect computer systems. Apple has known about this ‘bug’ for some time now. Once installed on the target Mac, Flashback injects code into the Web browser and other apps like Skype to harvest passwords, modify web pages and gather other information.
Update 10th April: Contagio received a Flashback.O sample from an anonymous user/victim. It’s only a payload binary, so don’t get too excited. 🙂
Apple has now pushed patches for this Java vulnerability. I suggest you download and install this Java software update immediately. Which Java update you see in Software Update depends on which version of Mac OS you are running. Apple has released updates for Mac OS X 10.6 and Lion. Check for Java for Mac OS X 10.6 Update 7 or Java for OS X Lion 2012-001.
If your Mac system is infected and you understand the basics of using Terminal, then I suggest you manually remove the Flashback Trojan.
Safe surfing, folks!