Flashback Trojan in the Wild

Published: 2012-02-24
Last Updated: 2012-02-24 19:06:48 UTC
by Guy Bruneau (Version: 1)
2 comment(s)

A Mac Trojan named Flashback released last year masquerading as a Flash Player installer appears to back under a new variant. A new variant of the Flashback Java Trojan known as Flashback.G is circulating in the wild running on OS X 10.6 (Snow Leopard). According to Intego, if your system has been compromised, Safari and Skype maybe prone to frequent crashes and find a Java applet in ~/Library/Caches.

"It is worth noting that Flashback.G will not install if VirusBarrier X6 is present, or if a number of other security programs are installed on the Mac in question."[1]

[1] http://blog.intego.com/flashback-mac-trojan-horse-infections-increasing-with-new-variant/
[2] http://www.macrumors.com/2012/02/24/flashback-trojan-returns-with-a-multi-pronged-infection-strategy/
[3] http://isc.sans.org/diary/Apple+Improving+OS+X+Anti-Malware+Feature/10951


Guy Bruneau IPSS Inc. gbruneau at isc dot sans dot edu

2 comment(s)
Cisco Small Business SRP 500 Series Multiple Vulnerabilities - http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120223-srp500
ISC StormCast for Friday, February 24th 2012 http://isc.sans.edu/podcastdetail.html?id=2350
BlackBerry PlayBook tablet Samba file sharing Vulnerability - http://www.blackberry.com/btsc/KB29565


Diary Archives