Search This Blog

Python-based malware exploits Java vulnerability,targets Mac &Windows


Sophos security researchers have identified a new malware that is targeting both Mac and Windows computers, exploiting the infamous Java security vulnerability that allowed the Flashback botnet to commandeer 600,000 Macs.

When a user visit a compromised webpage, it downloads the malicious software onto their computer by exploiting the Java vulnerability.

Depending on the operating system , it downloads different malicious files. Sophos detects the malicious file downloaded in windows as Mal/Cleaman-B and a malicious file downloaded in Mac OS X as OSX/FlsplyDp-A.

Once it infect the user system, it will download the further malicious code-downloading the Troj/FlsplyBD-A backdoor Trojan on Windows computers, and decrypting a Python script called update.py (extracted from install_flash_player.py) on Mac OS X.

"This Python script acts as a Mac OS X backdoor, allowing remote hackers to secretly send commands, uploading code to the computer, stealing files and running commands without the user's knowledge." Researcher said.


Security Tips:
  • Are you using still unpatched version of Java? It is time to update it.. Make it fast before you fall for this infection.
  • Not only Java, update all software.
  • Install Security solutions.
Share it:

Mac Malware

Malware Report