The research conducted by Dr.Web, Russian anti-virus firm , determined that more than 600,000 Mac computers are infected with BackDoor.Flashback botnet, most of infected systems are located in the U.S and Canada.
On April 2, F-Secure spotted a new Flashback variant exploiting CVE-2012-0507 (a Java vulnerability,Oracle released an update that patched this vulnerability back in February… for Windows.). On April 3, Apple issued a patch for the six week old flaw with an update to Java 6 update 31. Unfortunately, the malware spreads already in wild.
The exploit download an exe file in the victim site; The file is used to download malicious payload from a remote server and to launch it.
Security experts recommends Mac users to download and install a security update released by Apple from support.apple.com/kb/HT5228 to prevent infection of their systems by BackDoor.Flashback.39.