Cybercriminals have been utilizing a vulnerability existing in Java, to infect Mac systems with a variation of the Flashback malware. This bug has not been patched by Apple yet. The news was revealed in a report by F-secure, which is an antivirus firm. Firms that are dependent on Mac systems are now investing in Java training classes so that their employees can better understand and deal with this problem.
Flashback, which is a Trojan horse that infects Mac OS systems, first appeared in September 2011. The initial variant of this software was distributed in the form of a phony installer for Flash player. However, in the past few months, the Trojan has been altered significantly. It not only functions in a different way now, the method of distribution has also been modified. In February 2012, a lot of antivirus companies said that a newer version of Flashback was infecting systems by exploiting holes in Java. This meant that it was no longer required for the user to interact with the virus to start the infection process.
Why Apple Faces This Problem
The holes in Java that were utilized in the February and previous attacks were as old as 2009 and 2011. So, anyone using updated versions would not have faced any problems. But, the latest version of the Trojan will infect your Mac system even if you have the up to date version of Java. The fix for the problem was released by Oracle in February and it was bundled along with an update meant for the Windows version of Java. Apple distributes a self-compiled version of Java to be used with Macs. So the patches that Oracle releases are ported to Apple’s version after some time. A lot of security experts have said that this delay in Apple releasing the patches can be advantageous for cybercriminals.
How The Trojan Malware Operates
Java training courses can be really beneficial in understanding how this malware operates. Once it enters your system using the security hole, the Trojan will pop up a display on your screen asking for the admin password. It does not matter if you enter the password or not, the malware will still infect the system. The main purpose of the Trojan is to insert itself into the Safari browser process and then modify the content of web pages.
Protecting Yourself From This Problem
If this was not enough, there are rumors circulating that another Java security hole has been identified and the exploit for that is available in the underground market. F-secure researchers said that this new exploit could also target Mac users in a fashion similar to Flashback. F-secure researchers also said that Mac users need to disable their Java clients if they do not want this to become an outbreak. They also provided the relevant instructions to do this. Starting from Mac OS 10.7 (Lion), Java is not included by default in the operating systems.
But on coming across a Java dependent page, the browser will ask the user to download Java. However, it is possible that after installing, you might forget that you have Java on your system and could be prone to a Flashback.K malware attack.
Please Share This Knowledge With Others!