Security firm Intego is warning about new variants of an “insidious” Trojan that aims to steal banking credentials and other online login details from Mac users.
The latest variant of the Flashback Trojan use a combination of Java vulnerabilities and social engineering to install itself on Macs running the Snow Leopard version of the operating system.
“This malware is particularly insidious, as users don’t download anything or double-click any file to launch an installer,” Intego wrote on its security blog.
Users running Macs with older versions of Java are at risk from the Flashback.G Trojan being installed after visiting a compromised web page, Intego warned.
If that is not successful, Flashback.G will also try to trick users into installing the Trojan by posing as a certificate from Apple (see below).
Once installed, the malware searches for user names and passwords used for websites, including PayPal, Google, Yahoo and online banking systems.
The Flashback Trojan is chiefly targeting Snow Leopard systems because OS X Lion does not come with Java pre-installed.
Intego advised users running Snow Leopard to update Java immediately to ensure their systems are patched against the vulnerabilities.
The Trojan warning comes just days after Apple revealed that the next version of its operating system will include additional malware protection.
Its Gatekeeper system will allow users to control which applications are able to be installed on their machines, a sign that Apple is slowly waking up to the threat of malware targeted at its operating system.