New Mac malware exploits Java bugs, steals passwords
A new version of a well-known family of Mac malware exploits vulnerabilities in Java to steal usernames and passwords for online payment, banking and credit card websites.
Flashback.G is the first variant of the Trojan horse to use an attack vector that doesn't require any user interaction, said Intego Security, a French firm that specializes in Mac antivirus software. Most Mac malware needs help from users to get on a machine, if only to okay an installation by entering the system password.