Sophos security researchers have identified new malware that targets both Mac and Windows computers by exploiting the infamous Java security vulnerability that allowed the Flashback botnet to commandeer 600,000 Macs.
When a user visits a compromised webpage, the page exploits the Java vulnerability to download the malicious software onto their computer.
It downloads different malicious files depending on the operating system. Sophos detects the malicious file downloaded on Windows as Mal/Cleaman-B and the malicious file downloaded on Mac OS X as OSX/FlsplyDp-A.
Once it infects the user's system, it downloads further malicious code: on Windows computers it downloads the Troj/FlsplyBD-A backdoor Trojan, and on Mac OS X it decrypts a Python script called update.py (extracted from install_flash_player.py).
"This Python script acts as a Mac OS X backdoor, allowing remote hackers to secretly send commands, uploading code to the computer, stealing files and running commands without the user's knowledge," the researcher said.
Security Tips:
- Are you still using an unpatched version of Java? It is time to update it. Do it quickly, before you fall victim to this infection.
- Update all software, not only Java.
- Install security solutions.