New Variant Of Flashback For Mac Attacks Again [Updates]

Ads by Google

Flashback, the Mac OS X trojan we began reporting on months ago, just won’t go away in spite of numerous Apple updates designed to patch the Javascript security hole that Flashback was jumping through.

The latest version, discovered on Monday by the Intego, has been labeled Flashback.S. It spreads using the same vulnerability as earlier versions, which means that it requires no password prompt to install itself on a targeted system.

There’s a new trick, too – this variant will delete files in ~/Library/Caches/Java/cache to remove traces of the trojan and prevent the recovery of samples by security firms (a ruse that,
obviously, hasn’t worked).

If you haven’t already updated your Mac (shame on you!), do so now. Apple’s updates to patch the flaw used by Flashback will work against this and all other know versions. The patch can be downloaded using the update service built in to OS X.

You can also protect yourself by installing an antivirus. According to Intego, Flashback does not even attempt to install itself on systems protected by certain software. This has been true since the original version and is likely an attempt to slow the detection of new variants.

Source: New York Times, Intego

Join live MakeUseOf Groups on Grouvi App Join live Groups on Grouvi
Mac Troubleshooting
Mac Troubleshooting
15 Members
Apple Hardware Discussion
Apple Hardware Discussion
11 Members
Apple TV Tips & Hacks
Apple TV Tips & Hacks
15 Members
Mac Switchers
Mac Switchers
10 Members
Mac OS X & Software
Mac OS X & Software
10 Members
Mac Gamers
Mac Gamers
7 Members
Ads by Google
Comments (6)
  • asashii

    glad you can get away without JAVA i sure cant!!!!!!!

  • JoeyDee

    Apple/Mac users are in for a rude awakening in the next few years, IMHO.

  • JimC

    This attack is not a JaveScript attack, but it is a JAVA attack. The best way to protect yourself is removing JAVA from your machine..95% of the people will never see any difference.

    • Matt Smith

      You’re right, but I wouldn’t recommend people remove Java.

  • Scutterman

    “Flashback does not even attempt to install itself on systems protected by certain software”
    Sounds like it’s designed to encourage use of the anti-virus that apple have so long claimed isn’t required for macs. Hard to tell who’s the bad guy here

    • Matt Smith

      Or it’s just trying to be smart and limit its exposure to security apps. The sooner a variant is caught in the wild, the sooner security firms analyze it, resulting in warnings like this.

Affiliate Disclamer

This review may contain affiliate links, which pays us a small compensation if you do decide to make a purchase based on our recommendation. Our judgement is in no way biased, and our recommendations are always based on the merits of the items.

For more details, please read our disclosure.
Affiliate Disclamer

This review may contain affiliate links, which pays us a small compensation if you do decide to make a purchase based on our recommendation. Our judgement is in no way biased, and our recommendations are always based on the merits of the items.

For more details, please read our disclosure.