We’ve got some more info for you related to the Mac Flashback malware we previously posted on. A word of warning: It’s not great news.
When the Flashback malware hit Mac computers, many Apple fans were probably disheartened that they would have to manage a system restore and recoveryafter switching to the Mac platform, known for being more secure than Windows. Users may have to prepare themselves again, as according to ZDNet,the same Java vulnerability from Flashback is now being used to infect both Windows and Mac OS X platforms.
“While the attack vector is the same as in Flashback, this Java applet checks which OS it is running on and downloads suitable malware for it,” ZDNet said of this piece of malware. “Malware writers love using a cross-platform plugin as an attack vector because it allows them to target more than one operating system, and thus more potential users. Since Java has been having security problems for a while now, it shouldn’t be too much of a surprise it is now being used in an attack targeting both Windows and Mac computers.”
The Java vulnerability is used to download a virus written in C++ on Windows, while a very similar virus written in Python is installed on Mac OS X. Attacks on both platforms will allow for hackers to secretly send the computers commands, steal files and upload code to the victim’s computer. All in all, this has potential to be a very harmful Trojan for both types of computer.
Mike Pilley, a computer technician who writes the Computer Advice blog, reminds reader that no matter if there is a high-profile vulnerability at play or not, it’s always good to have a system restore and recovery option available.
We want to hear about how you use Java, given risks like this one. Do you always get the latest Java updates? Do you feel secure using Java, or do you have it disabled? Let us know in the comments!