Macintosh computers get malware!
A new variant of malware first seen in September 2011 on Macintosh computers is making a new appearance and the exploit hasn’t been patched yet by Apple. Apple distributes a self-compiled version of Java and distributes these patches on its own schedule, which can be months behind the one for Java on Windows based computers.
Security experts have long warned that this delay in delivering Java patches on Mac OS could be used by malware writers to their advantage, and this new version of the Trojan malware confirms that they were right. Macintosh gets malware just the same as PC computers. Since Macintosh has a smaller market share, you just don’t hear about their malware attacks as often.
This new version is being distributed through Java exploits, which mean that a Mac can be infected without any user input. It prompts a dialog window that asks the user for their administrative password. Regardless of whether the user inputs the password or not, the malware still infects the system. The Trojan’s purpose is to inject itself into the Safari process and modify the contents of certain Web pages.
There are rumors that a new exploit for a different unpatched Java vulnerability is currently being sold on the underground market and could be used to target Mac users in a similar way in the future.
Apple stopped including Java by default in Mac OS X starting with Lion. However, if Lion users encounter a Web page that requires Java, they are prompted to download and install the runtime and might later forget that they have it on their computers.
Oracle released a fix for the targeted vulnerability back in February and it was included in an update for the Windows version of Java.