Estimated read time: 2-3 minutes
This archived news story is available only for your personal, non-commercial use. Information in the story may be outdated or superseded by additional information. Reading or replaying the story in its archived form does not constitute a republication of the story.
Fresh off the news that more than 650,000 Mac computers have been infected with a nasty Trojan horse virus called Flashback, another Apple threat is on the prowl.
According to anti-virus software provider Kaspersky Lab, a Trojan called SabPub or more formally, Backdoor.OSX.SabPub.a has recently been spreading via Java and could be infecting computers when people open email messages with suspicious links that direct users to malware.
The Flashback and the SabPub Trojans are totally different, Alex Gostev, chief security expert of Kaspersky Lab, told Mashable. SabPub is classic backdoor Trojan, so it opens full access to a victims system for attackers. Flashback and its known variants is downloader and clickjacking bot, which means it conducts click fraud scam by hijacking peoples search engine results inside their web browsers.
That said, the latest malware has the potential to reach far more computers than the Flashback Trojan.
The SabPub Trojan could reach more people than the Flashback Trojan, Gostev said. In February, SabPub was exploiting a Microsoft Word vulnerability, which was fixed long time ago, by using Java exploit in a more effective way. It has the potential to affect more people because it uses the Java exploit for a drive by download, meaning people can click on URLs with malware via email.
Gostev also noted that SabPub is also being used to attack specific targets: It would seem that the attackers have an extremely select list of victims that is not very large.
Although Mac users may think they are safe from viruses, Kaspersky Lab noted that before 2012 about 300 variants of Mac malware had been detected. Now, however, more than 70 have been detected in the past three months.
SEE ALSO: Find Out if Your Mac Has the Flashback Trojan the Fast and Easy Way
Last week, Apple released a security patch for Java that prevents the Flashback Trojan called Flashfake from exploiting the vulnerability to infect computers. Since then, Kaspersky Lab said it has seen a decline in the number of active bots for Flashfake, dropping from more than 650,000 infected computers to just 237,000.
However, the decrease in infected bots does not mean the botnet is on its way out. The numbers represent the active bots connected to Flashfake during the past few days it is not the equivalent of the exact number of infected machines. Infected computers that were inactive during Easter weekend would not be communicating with Flashfake, which makes them not appear as an infected bot, Kaspersky said.
Gostev advises that all Mac users stay up to date with their Apple software: We recommend users update their systems immediately with the latest security update from Apple.
Image courtesy of iStockphoto, Henrik5000
More About: apple, computers, Macs, malware, trending, trojan
