Jump to content

Update your Java Version


3 posts in this topic

Recommended Posts

BackDoor.Flashback.39 trojan




snow update




lion update




the trojan is a false update flash player.


The Flashback Trojan has hit 600,000 Macs worldwide, 300,000 in the US and at least 274 in Cupertino alone. Is your computer safe?

The times when Apple computers were malware-free are far gone. Mac users need to be wary, as the Flashback Trojan has taken a toll on Mac OS X computers, stealing person information through Web browsers and Java.

According to a report today from Russian antivirus company Dr. Web, the growing Mac botnet had originally laid claim to 500,000 Mac computers, but later that number was updated to 600,000. At least 274 of those bots were found to be checking in from Cuptertino, CA.

The numbers point out that 57 percent (303,449) of the compromised Macs are US located, and around 20 (106,379) percent lie festering in Canada. The UK has the third largest number of infected Macs, claiming 12 percent of the botnet. Australia comes in fourth with 32,527 infected hosts.

Users were infected with BackDoor.Flashback.39 after being redirected to a bogus website. A Google SERP in March points to there being at least four million compromised web pages, and some users have reported infection when visiting dlink.com. Once the JavaScript code loads a Java-applet contining the exploit, the exploit downloads a payload from a remote server. There are then two versions of the Trojan. The first way hunts down these components in the hard drive:

/Library/Little Snitch


/Applications/VirusBarrier X6.app





/Applications/Packet Peeper.app

If not found, the Trojan uses “a special routine to generate a list of control servers,” and begins checking in with those servers.

The malware was first discovered back in September 2011, and masqueraded as a fake Flash Player installer. The latest variant took over this past weekend, going after a Java vulnerability. The vulnerability (CVE-2012-0507) was closed by Apple Tuesday. It’s recommended that a security updated by downloaded from support.apple.com/kb/HT5228

Link to comment
Share on other sites


  • Create New...