Flashback Malware for Mac Changes Infection Tactic
A new variant of the password-stealing Flashback malware aimed at Apple computers has emerged, which tries to install itself after a user visits an infected website, according to new research.
Flashback, discovered by security vendor Intego last September, is engineered to steal passwords for websites, including financial sites. Since its emergence, several variants have appeared showing its authors' innovation.
The first version of Flashback tried to trick users into installing it by masquerading as Adobe's Flash Player. Later versions checked to see if the Apple computer in question had an unpatched version of Java with two software vulnerabilities. If the computer was running unpatched Java, Flashback automatically installed itself. If the Java attack didn't work, Flashback then presented itself as an Apple update with a self-signed security certificate.