Intego Warns of New Flashback Malware Variant
The new version, Flashback.S, doesn't request an administrative password prior to installation.
Intego researchers recently discovered a new version of the Flashback malware, called Flashback.S, which exploits the same Java vulnerability as the first version of the malware.
"[Unlike] Flashback.K, the variant that first surfaced last month and has caused consternation among Mac users, Flashback.S never asks the victim to enter an administrative password for installation, but instead relies only on the silent exploit of the Java bug to sneak onto the system," writes Computerworld's Gregg Keizer. "'The differences are very subtle,' Peter James, a spokesman for Intego, said in an interview Tuesday. 'There's no password request [by Flashback.S].'"
"All that’s needed to become infected with this malware is for the Mac user to visit a website serving the malicious code (which are believed to be hacked WordPress blogs) using the Safari browser," writes Forbes' Adrian Kingsley-Hughes. "It’s that simple. there’s nothing to click on and no password prompt."
"The original Flashback variant used infected computers for click fraud, in which clicks on a Web advertisement are manipulated in exchange for kickbacks," writes The New York Times' Nicole Perlroth. "Intego researchers did not say what the new variant of Flashback is being used for. But as with all malware, its creators can choose to use infected computers however they like."
"My advice to Mac users remains the same," notes ZDNet's Emil Protalinski. "Get the latest security updates from Apple. Disable Java if you don’t use it. Install an antivirus."