Threat Level: green Handler on Duty: Didier Stevens

SANS ISC: InfoSec Handlers Diary Blog - SANS Internet Storm Center InfoSec Handlers Diary Blog

Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

Flashback Trojan in the Wild

Published: 2012-02-24
Last Updated: 2012-02-24 19:06:48 UTC
by Guy Bruneau (Version: 1)
2 comment(s)

A Mac Trojan named Flashback released last year masquerading as a Flash Player installer appears to back under a new variant. A new variant of the Flashback Java Trojan known as Flashback.G is circulating in the wild running on OS X 10.6 (Snow Leopard). According to Intego, if your system has been compromised, Safari and Skype maybe prone to frequent crashes and find a Java applet in ~/Library/Caches.

"It is worth noting that Flashback.G will not install if VirusBarrier X6 is present, or if a number of other security programs are installed on the Mac in question."[1]



Guy Bruneau IPSS Inc. gbruneau at isc dot sans dot edu

2 comment(s)
Cisco Small Business SRP 500 Series Multiple Vulnerabilities -
ISC StormCast for Friday, February 24th 2012
BlackBerry PlayBook tablet Samba file sharing Vulnerability -
Diary Archives