Flashback Mac trojan is back with new and improved exploit strategy
The "Flashback" Mac trojan is back, and it's smarter than ever. Mac security company Intego says the latest variant, Flashback.G, uses three new methods in order to make its way onto Macs, though it won't install itself at all if it detects a number of antivirus or anti-malware security programs already installed.
"The malware first tries to install itself using one of two Java vulnerabilities. If this is successful, users will be infected with no intervention," Intego wrote on its Mac Security Blog on Thursday. "If these vulnerabilities are not available—if the Macs have Java up to date—then it attempts a third method of installation, trying to fool users through a social engineering trick. The applet displays a self-signed certificate, claiming to be issued by Apple. Most users won’t understand what this means, and click on Continue to allow the installation to continue."