Flashback Trojan

Stop being lazy and run Software Update already, Mac users. Antivirus company Intego has identified a new form of the Flashback Trojan that is infecting Apple computers through the same Java vulnerability because you’re too “busy” to update your software.

“This latest variant uses no social engineering at all,” said Intego spokesperson Peter James in an interview with VentureBeat. “The problem is that while Apple has patched the vulnerability, people haven’t updated… This is the same problem with Windows.”

Malware writers are still pointing their Flashback spearheads at Macs because of one simple fact: not everyone is going to download Apple’s patch for the Java vulnerability that allows Flashback to enter the computer. As James explained, the previous version of the trojan got onto the computer by prompting people to download a plug-in or enter a username and password into a fake software update field. This version, called Flashback.S, is instead executed immediately when an infected website is loaded.

But it’s not just individual Mac users who are at fault for the continued proliferation of this virus. According to Intego, the malware writers are targeting blogs running versions of WordPress that have not been updated to patch WordPress’s own security holes. James explained that a hacker can put a command into the URL of a website that allows the person to insert files onto the website, without the website owner ever knowing. Those files, the Flashback Trojan itself, are then passed on to your computer when you access the blog.

“Since the beginning of this whole Flashback ‘epidemic,’ they’ve changed methods several times,” said James. “These people are tenacious and they know what they’re doing. These are people who understand how Macs work under the hood.”

But why are cyber-criminals increasingly targeting Macs? Well, it’s obvious that Macs are gaining market share — go to any college campus Starbucks and you’ll think you’re in a metallic orchard. But, as James said, “Mac users have less experience with viruses than Windows users.” They’re also much less likely to have protective antivirus software on their computers to catch these threats.

Naturally, Intego notes that its own antivirus software can clean up the Flashback Trojan mess if it exists on your computer. We’ve reached out to F-Secure to see if its clean-up tool is still relevant for this new variant.

Trojan horse image via Shutterstock; hat tip The New York Times
