Feeds

New password-snatching Mac Trojan spreading in the wild

Exploits Java vulns and packs fake certificate

Internet Security Threat Report 2014

Security watchers warned on Friday that a new variant of a Mac-specific password-snatching Trojan horse is spreading in the wild.

Flashback-G initially attempts to install itself via one of two Java vulnerabilities. Failing that, the malicious applet displays a self-signed certificate (claiming to be from Apple) in the hope users just install the malware.

Once snugly in place, the malware attempts to capture the login credentials users enter on bank websites, PayPal, and many others.

OS X Lion does not come with Java preinstalled, so users of Mac's latest OS are less at risk of attack, but Snow Leopard does, and many users have not yet made the switch.

Mac security specialist Intego warns that the variant is infecting Mac users and spreading in the wild. Symptoms of infection can include the crashing of browsers and web applications, such as Safari and Skype.

Intego, which has added detection for the malware, has a write-up of the attack with a screenshot of the self-signed certificate used by the malware in action.

A report out this week from McAfee noted that after a spike of fake anti-virus packages targeting users back in June very little malware targeting Mac fans has been seen since. There were four million new strains of Windows malware in Q4 2011, compared to less than than 50 new Mac malware samples over the same three month period, according to McAfee. ®

Internet Security Threat Report 2014

More from The Register

next story
Knock Knock tool makes a joke of Mac AV
Yes, we know Macs 'don't get viruses', but when they do this code'll spot 'em
Feds seek potential 'second Snowden' gov doc leaker – report
Hang on, Ed wasn't here when we compiled THIS document
Why weasel words might not work for Whisper
CEO suspends editor but privacy questions remain
DEATH by PowerPoint: Microsoft warns of 0-day attack hidden in slides
Might put out patch in update, might chuck it out sooner
BlackEnergy crimeware coursing through US control systems
US CERT says three flavours of control kit are under attack
prev story

Whitepapers

Cloud and hybrid-cloud data protection for VMware
Learn how quick and easy it is to configure backups and perform restores for VMware environments.
Getting started with customer-focused identity management
Learn why identity is a fundamental requirement to digital growth, and how without it there is no way to identify and engage customers in a meaningful way.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?
Storage capacity and performance optimization at Mizuno USA
Mizuno USA turn to Tegile storage technology to solve both their SAN and backup issues.
Protecting against web application threats using SSL
SSL encryption can protect server‐to‐server communications, client devices, cloud resources, and other endpoints in order to help prevent the risk of data loss and losing customer trust.