For those Mac users who still haven’t taken the hint and updated their systems’ security (all, what, 140,000 of you?), here’s yet another version of the Flashback Trojan for you to enjoy.
The new version, dubbed Flashback.S, isn’t really all that new in terms of technical prowess. It infects unprotected Macs in the same way Flashback.K did, through a Java applet exploit, and installs itself without the need for your password. And, just as its predecessor, Flashback.K erases its footprints by deleting the Java cache and ensures its propagation by installing into the Java Update folder. But it is yet one more entity in the growing litany of malware that’s calling your computer home, so get it fixed already.
Your clean-up options are straightforward: check with F-Secure to see if you’re infected, update your Mac — the Java patch is included with a recent update — and run Antivirus if you have it. [Intego via Ars Technica]