Ironically discovered on Friday 13th, the new Trojan – Sabpab – uses the same vulnerability in the OS X’s Java plug-in to infect Macs, warns security firm Sophos.
It also doesn’t require any user interaction to infect a system either – just like Flashback – all that needs to happen is for you to visit an infected webpage.
“The newly discovered Sabpab malware is in many ways a basic backdoor Trojan horse. It connects to a control server using HTTP, receiving commands from remote hackers as to what it should do. The criminals behind the attack can grab screenshots from infected Macs, upload and download files and execute commands remotely,” said Graham Cluley, senior technology consultant at Sophos.
If you have updated Java on your Mac then you will be protected from the new threat and most Mac anti-virus software will protect against Sabpab as well. Sales of security software for Mac apparently jumped after the discovery of the Flashback Trojan earlier this month.
Flashback was estimated to have infected more than half a million Macs worldwide and even managed to infect some systems in Cupertino, according to some reports, though this was never officially admitted by Apple.