Apple Mac users have been warned that a new Trojan virus is capable of infecting their computers and stealing passwords to services such as Google, PayPal and online banking.
The new malware is a "particularly insidious" strain of Flashback, a
Trojan virus first discovered in September, and is said to be increasing the
infection rate.
It tries to take covert control of Macs using three methods. Two exploit
vulnerabilities in Java, a software language commonly used by websites to
deliver interactive elements, and require no intervention from the user to
succeed.
If Java is not installed or all its security patches are up-to-date, however,
the new variant, Flashback.G, attempts to trick users into installing it by
presenting a fake security certificate that looks like it comes from Apple,
according to Intego, a computer security firm.
"Most users won’t understand what this means, and click on 'Continue' to
allow the installation to continue," the
firm said.
Mac users running the most recent version of OS X, Snow Leopard, are most at
risk, because Java was included as part of the installation package for the
first time.
"It is therefore essential that anyone running OS X 10.6 update Java
immediately," Intego said.
Users running previois versions of OS X, such as Lion, may have installed Java themselves, however, and should also ensure it fully updated.
"Nevertheless, many Macs are getting infected by the social engineering trick of the bogus certificate purporting to be signed by Apple, as shown in our screenshot above. If you see this, don’t trust it, and cancel the process," Intego warned.
If a Mac is infected, certain applications such as Safari and Skype will frequently crash.
The Flashback Trojan caused a stir because cyber criminals rarely target Macs compared to Windows PCs. According to security experts it is showing increasing sophistication with each variant, suggesting Apple's growing market share is making it more worthwhile to invest time an money in creating Mac-specific viruses.
Nevertheless, according to the security firm McAfee, there were more than four million new Windows malware strains in the fourth quarter of 2011, compared to fewer than 50 that targeted Apple computers.
Users running previois versions of OS X, such as Lion, may have installed Java themselves, however, and should also ensure it fully updated.
"Nevertheless, many Macs are getting infected by the social engineering trick of the bogus certificate purporting to be signed by Apple, as shown in our screenshot above. If you see this, don’t trust it, and cancel the process," Intego warned.
If a Mac is infected, certain applications such as Safari and Skype will frequently crash.
The Flashback Trojan caused a stir because cyber criminals rarely target Macs compared to Windows PCs. According to security experts it is showing increasing sophistication with each variant, suggesting Apple's growing market share is making it more worthwhile to invest time an money in creating Mac-specific viruses.
Nevertheless, according to the security firm McAfee, there were more than four million new Windows malware strains in the fourth quarter of 2011, compared to fewer than 50 that targeted Apple computers.
No comments:
Post a Comment