Security firm Intego on Monday announced that it had discovered a new variant of the Flashback malware called Flashback.S that continues to use a Java vulnerability Apple has already patched . This variant requires no password to install, and it places its files into the user’s home folder in “~/Library/LaunchAgents/com. java.update.plist” and “~/.jupdate.” Once Fashback.S is installed, it will then delete all files and folders in “~/Library/Caches/Java/cache” in order to delete the applet from the infected Mac, and avoid detection

We're not quite done with Flashback yet. The good news is that the number of Macs affected by the trojan has gone down greatly , but the bad news is that there's a new variant of it out in the public. It's called Flashback.S , and just like the original, it can worm its way into a Mac's home folder without the admin password

The “Flashback” virus discovered to have infected more than 600,000 Mac computers earlier this month originated on a series of WordPress blogs, security experts have determined. According to Alexander Gostev, head of the global research and analysis team at Kaspersky, the virus began as a trojan hidden within a fake Adobe software update. In March, however, the malware’s creators repackaged the virus in a “drive-by attack” that infected users’ Apple computers when they visited one of thousands of compromised WordPress blogs.

Security firm Trusteer warned this week of a trojan that is capable of stealing an individual’s credit card information from hotels. The firm’s intelligence team discovered the remote access trojan being sold on underground forums for $280.

The writing is on the wall. Our time of innocence is gone. Researchers from Kapersky Labs claim Mac market share has finally reached the critical point, and the platform is now an attractive target for online criminals.

In a tech note published today , Apple discussed the Flashback trojan ( past coverage here ) and reminded users of OS X 10.6 and 10.7 that they should install the April 3 Java update to remove the vulnerability that the malware uses to infect Macs. For users of OS X 10.5 Leopard or earlier, Apple has not updated Java yet to patch the flaw; in that case, Apple's recommendation is to turn off Java in the browser to guard against Flashback. The note also says that "Apple is developing software that will detect and remove the Flashback malware." No ETA on that yet; in the meantime, the company is working with network service providers to disable or block the command and control servers that Flashback checks in with

As this holiday weekend draws to a close, the unfortunate fact is that we may be dealing with the largest Mac-centric botnet ever documented in the wild . While the Flashback trojan is easy to find and simple to prevent -- in fact, a stock Lion installation includes neither Java nor the Flash plugin, cutting down dramatically on the attack surface for malware of this kind -- there are still thousands of compromised Macs out there. Given the requirements of a Java installation to enable the trojan's exploit, it looks like a nontrivial number of infections have hit experienced Mac users

Apple on Friday issued a second software update to address a security flaw on its OS X operating system that has allowed a massive botnet to form. The update, “Java for OS X 2012-002,” is only available for desktop and laptop PCs running OS X Lion 10.7; Apple issued a similar update last week for both Lion and Snow Leopard, and the exploit was seemingly addressed properly the first time on the Snow Leopard OS.

According to Russian antivirus firm Dr. Web , over 600,000 Macs worldwide are infected with the Mac flashback trojan .

According to Russian antivirus firm Dr.