Skip to main content

Solutions for
Solutions by Industry

More


Our Story
Talk to a CIO
Contact

Flashback Attack: Mac Malware Exploit Prompts Urgent Java Update From Apple

Update (4/19/2012): Apple has released a Flashback malware removal tool which, according to Apple, “removes the most common variants of the Flashback malware” — for details, see Apple’s Knowledge Base article here:

http://support.apple.com/kb/DL1517

###

A Trojan Horse attack known as “Flashback” has infected more than half a million Macs around the world according to Russian antivirus software vendor Doctor Web, prompting Apple to release an urgent Java update to address security issues exploited by the malware.

Per Apple’s knowledge base article on the Java Update, “Multiple vulnerabilities exist in Java 1.6.0_29, the most serious of which may allow an untrusted Java applet to execute arbitrary code outside the Java sandbox. Visiting a web page containing a maliciously crafted untrusted Java applet may lead to arbitrary code execution with the privileges of the current user. These issues are addressed by updating to Java version 1.6.0_31.”

Island Technologies strongly advises that all Mac OS X 10.6 (Snow Leopard) and 10.7 (Lion) users immediately install Apple’s Java Update. If you’ve been waiting for a reason to upgrade your version of OS X, now is the time to do it  — Apple is no longer providing OS X updates for versions prior to Snow Leopard, which will remain vulnerable to Flashback and other Java-based exploits.

Flashback works by tricking users into thinking it is a legitimate browser plug-in, required to view content on a (malicious) web site.  Once installed, it acquires passwords and other personal information from web browsers and other internet-enabled software, and relays the ill-gotten info back to remote servers, presumably for use in credit card fraud and identity theft.  The most recent version of the malware, which exploits a Java security flaw, can install itself without requiring the user to do anything (beyond visiting a malicious web site).

CNET News has a very helpful article up providing in-depth information on Flashback and how to detect and remove it from your system, but it requires some familiarity with Apple’s Terminal command-line interface.  If you require assistance in dealing with this troublesome malware, please do not hesitate to contact Island’s Support Team at 818.832.2310!

Back to Latest Posts