Welcome!

Welcome to Satlover forums, full of great people, ideas and excitement.

Please register if you would like to take part. link..

Register Now

Alert: Don't Use Hotmail Email Accounts for registration

Collapse

Before Access to all Forums and Trial accounts you must need to activate your account Email address

New Flashback Variant Continues Java Attack

Collapse
X
 
  • Time
  • Show
Clear All
new posts
  • dniestre
    Banned
    • Mar 2012
    • 838

    New Flashback Variant Continues Java Attack

    New Flashback Variant Continues Java Attack, Installs Without Password



    Intego has discovered a new variant of the Flashback malware, Flashback.S, which continues to use a Java vulnerability that Apple has patched. No password is required for this variant to install, and it places its files in the user’s home folder, at the following locations:

    ~/Library/LaunchAgents/com.java.update.plist
    ~/.jupdate
    It then deletes all files and folders in ~/Library/Caches/Java/cache in order to delete the applet from the infected Mac, and avoid detection or sample recovery.

    Intego has several samples of this new Flashback variant, which is actively being distributed in the wild.

    It’s worth noting that this variant will not install if it finds Intego VirusBarrier X6, Xcode or Little Snitch installed on the Mac it tries to attack.



    link: _http://www.intego.com/mac-security-blog/new-flashback-variant-continues-java-attack-installs-without-password/#disqus
Working...