There is a Mac Trojan that is spreading via a known security vulnerability in Java within Mac OS X. Apple has patched the vulnerability but that does not mean you may not be infected.
This particular variant is Trojan-Downloader:OSX/Flashback.I according to F-Secure.
According to F-Secure – Trojan-Downloader:OSX/Flashback.I connects to a remote site to download its payload; on successful infection, the malware modifies targeted webpages displayed in the web browser.
In other words, it is a browser high-jacker.
Macs are commonly known to not have major issues with virus and malware infections due to several factors which I will not get into right now – but regardless of what you think about Macs this is a serious issue as there have been many reports of this infection in the wild.
Unlike many other malware threats in the past this does not require the user to enter a password.
How can I check to see if I am infected?
Thanks to John Welch, @bynki on Twitter, we have a quick little AppleScript that will check the two possibly infected files to see if you are infected. If you want to take a peek at the code in the script, feel free to do so.
Note: We have edited the original script to be a little more friendly.
If infection is found
If the script detects an infection you can follow the instructions from F-Secure, but if you are not comfortable using Terminal commands, please do not try and give us a call.
If no infection is found
Run Software Update. Seriously, do NOT skip this step.
If you have any questions give us a call and we would be glad to help.