+ Reply
Results 1 to 5 of 5

Your favorite Apple, iPhone, iPad, iOS, Jailbreak, and Cydia site.


Thread: Newly Discovered Mac Trojan Exploits Same Java Vulnerability found in Flashback

is a discussion within the

Mac News

forums, a part of the

General Apple/Mac

section;
...
  1. #1
    MMi Staff Writer Akshay Masand's Avatar
    Join Date
    Sep 2011
    Location
    New York City
    Posts
    3,946
    Thanks
    3
    Thanked 123 Times in 108 Posts

    Default Newly Discovered Mac Trojan Exploits Same Java Vulnerability found in Flashback


    New malware dubbed “Dockster” that takes advantage of a well-documented Java vulnerability has been found on a website dedicated to the Dalai Lama. The Trojan has been able to install itself on a Mac user’s computer to capture keystrokes and other sensitive data. At the time of its discovery (on November 30), the code’s creators were testing whether it would be detected, but as of this writing, the malicious code is now “in the wild.”

    As mentioned in a previous report from F-Secure, Dockster leverages the same Java vulnerability to drop the backdoor onto a Mac, which then executes code to create an agent that feeds keylogs and other sensitive information to an off-site server. In the case of Flashback, which was discovered by Intego, a reported 600,000 Macs were affected before both Apple and Oracle ended up releasing a Java patch to remove the malware and protect against future attacks.

    The new Dockster seems to take advantage of an already fixed weakness; users who haven’t yet updated their Macs or are running older software may still be at risk. We’ll have to see what Apple and Oracle end up doing to remedy the situation; in the meantime, we'd suggest practicing safe browsing.

    Source: F-Secure, Intego

    Twitter: @AkshayMasand

  2. #2
    iPhoneaholic spazturtle's Avatar
    Join Date
    Mar 2009
    Posts
    321
    Thanks
    115
    Thanked 27 Times in 16 Posts

    FFS: If you let any old java app from the web run you deserve Trojans.
    When it asks you if you if you want to run the java on the website just say no.

    Also when apple give you a security update just install it.

  3. #3
    Livin the iPhone Life steve-z17's Avatar
    Join Date
    Sep 2007
    Location
    Utah
    Posts
    2,244
    Thanks
    91
    Thanked 141 Times in 121 Posts

    If you don't update your computer/software and get malware on your Mac you have no one to blame but yourself. It doesn't take long at all to do a software update and it could save you some grief.

  4. #4
    What's Jailbreak?
    Join Date
    Feb 2012
    Posts
    3
    Thanks
    0
    Thanked 0 Times in 0 Posts

    or... you know... you have an old version of an OS that apple and/or java isn't updating anymore, and can't update to a newer OS because of the requirements needed for the upgrade aren't there...

  5. #5
    Super Moderator Cer0's Avatar
    Join Date
    Apr 2008
    Location
    MN/WI
    Posts
    14,005
    Thanks
    388
    Thanked 1,141 Times in 891 Posts

    Turn off Java in Safari or whatever browser you use then.

    Haven't had mine on in a long time.

Posting Permissions
  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts