It was inevitable. The growing percentage of Mac users has reached a point where creating a piece of malware just for Macs is now worth the while of hackers.
“Flashback.I” masquerades as an Adobe Flash player update. Mac Users installing the update are asked for their user names and passwords. If the user is alert enough to refuse, the malware still installs itself, but with reduced permissions.
Once a computer has been hacked, the virus can harvest passwords from other programs to retrieve personal information which includes user names and passwords.
Fprot’s site says,
"The malware will request an administrator password, and if one is supplied, it will install its package of code into the Applications folder. If a password is not offered, the malware will install to the user accounts where it can run in a more global manner."Either way, this is an extremely sophisticated Trojan/Downloader. If it sees installed software that it is incompatible with, it will uninstall itself and phone home. This prevents infecting a Mac and causing freezes or reboots, which might alert a user that something is wrong.
Apple is providing a new download, but for many users this is a rude awakening. Users who have not already installed virus protection software should do so, and those who have it already should make certain it is updated.
Once more, for emphasis: Once a computer has been hacked, the virus can harvest passwords from other programs to retrieve personal information which includes user names and passwords.
More information is available at: http://www.f-secure.com/v-descs/trojan-downloader_osx_flashback_i.shtml
