Latest News

Bitdefender Protects Mac OS X Users against New Breed of Flashback Trojan

April 2012


To ensure that your Mac is clean, the easiest way to do it is to download and run the Bitdefender Virus Scanner that is available for freeon the App Store.

 

Bitdefender®, the award-winning provider of innovative antivirus solutions, offers detection and removal for the latest e-threat affecting Mac OS X users. Identified earlier this week, the Flashback.L Trojan is thought to have infected more than 600,000 OS X computers worldwide by exploiting the Java Runtime Environment on the local machine.

The malicious code is known to be hosted on websites that advertise themselves as user-generated video services. As the user lands on the compromised page, a piece of Javascript code loads a Java applet that exploits the locally-installed version of Java.

Successful exploitation leads to the download and execution of a malicious file identified by Bitdefender as MAC.OSX.Trojan.FlashBack.L. This Trojan has backdoor capabilities (which means an attacker can seize full control of your Mac) and also tries to harvest usernames and passwords used for services such as Gmail, PayPal, and e-banking, amongst others.

The Flashback Trojan has been initially spotted in September 2011, when it would pose as a Fake Flash Player installer. Ever since, it has exploited three distinct vulnerabilities in Java (CVE-2011-3544, CVE-2008-5353, and CVE-2012-0507), the latter being patched earlier this April.

To ensure that your Mac is clean, the easiest way to do it is to download and run the Bitdefender Virus Scanner for Mac that is available for free on the App Store. Checking whether you are infected or not is 1 one click away if you already have the app or 3 clicks away if you need to install it.

Also, make sure that you update your Java distribution at once by clicking on the Apple Menu and by selecting the Software Update option.