A new variant of the password-stealing Flashback malware aimed at Apple computers has emerged, which tries to install itself after a user visits an infected website, according to new research.
Flashback, discovered by security vendor Intego last September, is engineered to steal passwords for websites, including financial sites. Since its emergence, several variants have appeared showing its authors’ innovation.
The first version of Flashback tried to trick users into installing it by masquerading as Adobe’s Flash Player. Later versions checked to see if the Apple computer in question had an unpatched version of Java with two software vulnerabilities.