There’s yet another Flashback variant making its way through unprotected Macs, though it still only takes advantage of the now-patched Java vulnerability that the previous few versions made use of.
Security firm Intego posted about the latest version of the malware, Flashback.S, which mimics the behaviors of previous variants of the malware. Flashback.S doesn’t require an admin password to install itself into the machine’s home folder, and it deletes all files located within
~/Library/Caches/Java/cache “in order to delete the applet from the infected Mac, and avoid detection or sample recovery.”
Those of us who have already updated our Macs with the latest version of Java won’t have to worry, as Flashback.S has yet to find a new vulnerability to exploit. But there are apparently still plenty of Mac users—-650,000, according to Russian antivirus firm Dr. Web last Friday—who are currently infected with some version of Flashback, meaning there are at least that many (and probably more) who have yet to update their machines.
Meanwhile, Sophos claims in a new report that one in five Macs is “harbouring some kind of malware,” though Sophos’ limited sample size (those who have downloaded Sophos’ antivirus software) indicates we should take the numbers with a grain of salt until more researchers can corroborate the claims.