We use cookies to provide you with a better experience. If you continue to use this site, we'll assume you're happy with this. Alternatively, click here to find out how to manage these cookies

hide cookie message
80,259 News Articles

Mac Flashback flaw re-used by new malware campaign

Python bites

Malware criminals are on the hunt for Mac victims again, repurposing the Java-based vulnerability used by the Flashback bot to push a new drive-by web attack, security firm Sophos has reported.

It's a malware tactic that is taken for granted in the Windows world. A vulnerability in a common software interface - in this case Java - is hit multiple times by different malware campaigns, usually in quick succession.

The difference this time is that the attack is cunningly cross-platform, hitting Mac and Windows users.

If encountering an unpatched Windows system, the attack installs a backdoor whereas for Mac computers the attackers download a Python script to perform the same function. Although not as sophisticated, the latter still gives the hackers a lot of file-stealing and remote power over the Mac.

"This attack is quite different from the earlier Flashback attack, and may indicate that other cybercriminal gangs are exploring the possibilities of infecting Mac computers," commented Graham Cluley of Sophos.

"Although Windows users are generally pretty good at running anti-virus protection, Mac users are only just waking up to the need," said Cluley.

The good news is that the CVE-2012-0507 vulnerability will have been patched by many users in the aftermath of Flashback's publicity spike; the bad news is that vulnerability is recent enough that some won't have patched it at all.

The determination to hit Mac users using cross-platform exploits can probably be traced back to the mostly-ignored 'Boonana' Trojan from October 2010, the first time malware writers had set out to attack Macs using the same design they'd use to hit Windows.

For Mac users who don't want to stop using Java (some will find it inconvenient to do so), the price will be more such attacks. Java has been spotted as a Mac weakness, partly because it isn't currently patched quickly by Apple and partly because its users leave their computers unprotected.

Expect more attacks targeting the current crop of flaws as well as future ones.

IDG UK Sites

Best camera phone of 2015: iPhone 6 Plus vs LG G4 vs Galaxy S6 vs One M9 vs Nexus 6

IDG UK Sites

In defence of BlackBerrys

IDG UK Sites

Why we should reserve judgement on Apple ditching Helvetica in OS X/iOS for the Apple Watch's San...

IDG UK Sites

Retina 3.3GHz iMac 27in preview: Apple cuts £400 of price of Retina iMac with new model