Mac Flashback Flaw Reused by New Malware Campaign

Malware criminals are on the hunt for Mac victims again, repurposing the Java-based vulnerability used by the Flashback bot to push a new drive-by web attack, security firm Sophos has reported.

It's a malware tactic that is taken for granted in the Windows world. A vulnerability in a common software interface -- in this case Java -- is hit multiple times by different malware campaigns, usually in quick succession.

The difference this time is that the attack is cunningly cross-platform, hitting Mac and Windows users.

If encountering an unpatched Windows system, the attack installs a backdoor whereas for Mac computers the attackers download a Python script to perform the same function. Although not as sophisticated, the latter still gives the hackers a lot of file-stealing and remote power over the Mac.

"This attack is quite different from the earlier Flashback attack, and may indicate that other cybercriminal gangs are exploring the possibilities of infecting Mac computers," commented Graham Cluley of Sophos.

"Although Windows users are generally pretty good at running anti-virus protection, Mac users are only just waking up to the need," said Cluley.

The good news is that the CVE-2012-0507 vulnerability will have been patched by many users in the aftermath of Flashback's publicity spike; the bad news is that vulnerability is recent enough that some won't have patched it at all.

The determination to hit Mac users using cross-platform exploits can probably be traced back to the mostly-ignored "Boonana" Trojan from October 2010, the first time malware writers had set out to attack Macs using the same design they'd use to hit Windows.

For Mac users who don't want to stop using Java (some will find it inconvenient to do so), the price will be more such attacks. Java has been spotted as a Mac weakness, partly because it isn't currently patched quickly by Apple and partly because its users leave their computers unprotected.

Expect more attacks targeting the current crop of flaws as well as future ones.

This story, "Mac Flashback Flaw Reused by New Malware Campaign" was originally published by Techworld.com.

To comment on this article and other PCWorld content, visit our Facebook page or our Twitter feed.
Shop Tech Products at Amazon
Notice to our Readers
We're now using social media to take your comments and feedback. Learn more about this here.