Flashback Trojan infects Macintosh systems, Apple patch is available
A world-wide increase in Macintosh infections is being reported this week, as new variants of the Flashback Trojan have been detected and Apple Inc. has released patches for the Java vulnerability. Several infected hosts have been discovered at Penn State, as other universities report the same.
The first exploit appeared in late February, and several newer versions of the exploit have been detected this week. Unpatched Macintosh machines can become infected without any user interaction via drive-by downloads delivered by seemingly ordinary web browsing to temporarily hacked, legitimate web sites. Some articles describing the Flashback Trojan are available here:
http://www.intego.com/mac-security-blog/flashback-mac-trojan-horse-infections-increasing-with-new-variant/
http://nakedsecurity.sophos.com/2012/04/05/mac-botnets-gaining-traction-using-drive-by-java-exploit/
http://www.pcmag.com/article2/0,2817,2402685,00.asp
Macintosh users are encouraged to check for updates and patch their machines immediately, as well as to upgrade older OSX operating systems as soon as practical. Users are advised to be cautious about offers to install software and addons from unknown Internet sources.
Security Operations and Services is a unit of Information Technology Services, and can be reached for questions and comments at security@psu.edu or at 814-863-9533 (M-F, 8-5).
More information: Flashback Trojan infects Macintosh systems, Apple patch is available