New 'Flashback' trojan swipes Mac passwords
Mac users, consider yourself warned: A new version of an infamous and ever-changing Mac Trojan has again been spotted, this time deploying three attack methods in an attempt to harvest your passwords, steal your money and generally terrorize your computer.
The original Apple-specific Trojan, "Flashback," has been around for months; past versions of the malware have disabled anti-virus software or infected computers by hiding in phony Adobe Flash Player installers. This new variant is a stronger, more robust beast, and the stakes are higher for those who fall victim to it.
Currently spreading in the wild, the new Flashback.G variant attempts first to exploit two separate Java vulnerabilities, most often in Macs running OS X 10.6 (Snow Leopard), the security firm Intego explained. You can block this route of entry by keeping your Java software up to date.