In a fight with Mac OS X famous Flashback Trojan, Apple announced recently that they would launch a new tool or update to its existing tools to remove the Flashback malware from the infected machines, and as well as they have contacted with ISP’s all over the world to block the Flashback bot-net network around the half-million affected Mac OS running machines. Apple has already released two Java updates to Mac OS users to fix the few exploits in Java Runtime, which allows the Trojan to land on your Mac machine and take control over the machine without your knowledge.

However, today it is reported that Apple has seeded an another Java Runtime update for Mac OS X users who remove the very known variants of the Flashback malware from the affected machines, and also protect the machine from other future attacks from the flashback Trojan. The new Java update removes the flashback malware from your Mac running machines, and as well as disables the automatic execution of Java applets on the Mac OS running machines. If the malware again tries to enable the automatic execution of the Java applets, it will be automatically detected and removed from the machine, and as well as the automatic execution will also be disable again.

It was reported by the security research firms that more than 600,000 Mac machines were infected by the Flashback Trojan on the sky, and these machines are connecting with the host server through the hidden tweets on Twitter. However, now the Mac machines are seemed to be protected again with new security measures, as F-Secure quickly jumps on the scene and launched the couple of tweaks, and tools to detect and remove these malwares from the affected machines.

The new Java Runtime update for Mac OS is available to download, and it is also seeded to Mac OS machines through the Software Update.

Apple has already joined the party against the Flashback Trojan attack on half-million different Mac running machines all over the world. It seems that Apple has just begun moving aggressively against the exploit in the Java runtime which actually allowed the hackers to take over the Mac OS security with some deep holes in the service. Apple has already seeded around two quick updates to Java Runtime for Mac OS X Lion, and Snow Leopard users to fix the basic Java Runtime exploits, which opens your Mac machine to the deadly Flashback Trojan.

However, the Apple has started its fight against the Flashback Trojan again silently without making any public presence regarding the issue. It is now reported that Apple has finally updated its Mac Support page about the Flashback Trojan attack on Mac OS running machines, and promises to soon launch a fix for the infected machines. Apple has just begun working on a new tool for the Mac OS infected machines to remove the Flashback completely from the machines, and double-check the security of Mac OS running machines again for the next attack.

In addition to the general development of a new tool against Flashback, it appears that Apple has been already in contact with several ISP’s around the world to trace down the Flashback botnet’s mask, and requests to put a hold on several domains, and network mediums to stop communicating the botnets with the original Flashback transmitting sources. Initially, it was reported by a research firm that Flashback was using Twitter on a very intelligent basis to communicate with master servers, and the servers broadcast commands through some special coded tweets over the Twitter.  Apple has already hit ISP’s with the number of domain names to block their internet access, while they are attempting to develop a new security tool for the Mac machines.

We have already reported you about the deadly Flashback Trojan program that affects around the half-million Mac machines with its recent return to the platform. Mostly, Mac OS users won’t use any kind of anti-virus software on their machines, as Apple committed to providing them the securest operating system platform, and so far, Apple actively combat with several malware programs to keep them out from its OS X running machines, but it seems that the most recently discovered return of Flashback malware broke the Apple’s security test, and finally now entering in the hundreds of Mac OS running machines.

However, the security firms are actively working on the solution to make Mac OS X again secure place for the users to use as their official operating system in the premium hardware purchased from Apple. During the research against Flashback, it is reported that security researchers have found a new Windows tool that is capable of generating infected files to affect the OS X running machines.  There are now speculations that hackers might be using this kind of Windows developed to tools to generate a different kind of malware programs to attack on OS X running machines.

The researchers have discovered a Windows hacker tool that is capable of generating malware injected Office documents to infect Mac OS X running machines. The infected Office-files are currently being used against the NGO (non-governmental organizations) to attack on their data. According to research, the hacking tool is using the old-age Office vulnerability from 2009 that allow hackers to easily execute the arbitrary code on Mac OS X running machines, and there are highly chances that a group of hackers is currently using the exploit to land on several Mac OS running machines using the backdoor scripts on Mac OS X systems.

The Windows tool that is being used by hacker to generate malicious code is called “MalHost-Setup.exe” is capable of generating several Office documents; such as Word, Excel, PowerPoint documents to affect the Mac OS X running machines.  The deep research regarding the exploit shows that the content of the Word document are not encrypted, and therefore, it allows hackers to generate their own versions of different malwares to affect the OS  X running machines.

In the last couple of weeks, we have seen that famous Flashback malware is returned to the Mac OS platform, and Apple is actively battling with the exploit to make its OS X secure for the users. We have reported you last month that Flashback is returned on the Mac OS and this time the malware comes up with new tactics to hit the users, and make users fool with its new tricks to make a way to their most secured Mac machines. The new Flashback malware reportedly using the fake certificate signing trick with the name of “Apple Inc” and tries to enter in the user’s machine to take control over its files, the new malware is quite intelligent and knows very well, how to hide itself from Mac OS watchdogs.

However, the security firms which, firstly discovered the presence of this new Flashblack malware reported earlier that these malwares are actually no breaking anything on the OS, instead using third party plugins loop holes to enter in the machines, like the Java runtime programs. The Java runtime is opened to everyone, and most of the hackers are using to seed their malwares to users at the wide range without even working hard to break the real security of operating systems.  It is now reported that Apple has finally updated the Java Runtime for OS X, and released the new update in the public to fix the machines that were attacked by the new flashback malware.

• Java for Mac OS X 10.6 Update 7
• Java for OS X Lion 2012-001

The security patch or the new Java Runtime update for OS X is available to download for all the users running the latest Mac OS X 10.6 and the OS X Lion. As we know, Apple had recently dropped the support for the older OS X versions, so there will be no Java runtime update for the older OS X running users.

It is highly recommended to users to update their machines with the new updates, if they are already running Java Runtime applets on their machines. The updates are available to download from both Apple Software Update program or the online support website.

Earlier last month, we have reported you about the return of the famous Mac OS X trojan called “FlashBack” that is popular for his entrance into Mac OS  through the custom installation of Flash installer on Mac OS, but on the arrival of newer malware version we have reported you that malware has become more evil than before, now it fools the Mac OS users with a certificate signature by Apple Inc, which lets the malware to enter in the Mac OS easily. This time the FlashBack comes with some more evil tricks as it occupies three different ways to enter in the Mac OS, and the new ability to hide its process from the Apple’s threat finding software.

 

Last year, we reported about the trojan horse that targets Mac, and bypassing the Mac OS security barrier through the non-official Adobe Flash Player installer on Mac devices. The old trojan horse is back with name of “Flashback”, and with some pretty cool tricks to infect your Mac devices with new vulnerabilities. While Apple is famous for its quick security moves on iOS and Mac OS devices to protect the users, and their important personal data from such kind of malicious software programs on their operating system, and already provided Mac users with a new kind of detection system of such kind threat on the machine with daily updated list of threats.

The report regarding the return of “Flashback” is firstly reported by the security firm Intego that believes that the new trojan is more active and intelligent than the older version of the trojan, and tricks users with couple of ways to get enter in the Mac OS. Basically the trojan firstly tries to enter in the computer through some Java-runtime vulnerability on your device, but if your Java-Runtime is up-to date with all latest necessary security updates, then it tries to enter in the operating system through a fake certificate, and fakes the signer name as “Apple, INC” .

As reported by the security firm, most of the users actually won’t know about the reality of the success and approves it entrance in their machines, and allow it openly to check and command your operating system without your knowledge, it also tries to trick some other third party applications on your device, and log all the saved usernames and passwords to send into their servers, like PayPal, eBay, or some personal information.

Moreover, the new trojan horse is much intelligent and hides itself tightly on the presence of any antivirus system on your Mac machine. It stopped using the basic method of installation, and start searching for the new vulnerabilities in the machine through the Java Runtime.

Now, It is highly recommended to all the Mac users to check and update their Java Runtime software with new updates, and focus to update their operating system to newer one, as the older gen Mac OS X 10.6.8 is freely open to such kind of malicious software hacks.