The malicious code is from a family of password-stealing programs originally spotted last year, says Liam O Murchu, manager of operations for Symantec’s (SYMC) security response unit. The owners of infected computers could be exposed to identity theft and fraud. Doctor Web reports the virus can also alter Google search results, displaying spam links instead of actual ones.
Boris Sharov, CEO of Doctor Web, says the number of infected machines started leveling off soon after Apple’s software update. Normally, new patches temporarily cause an uptick in attacks since they publicize the underlying flaw, and not all users update their computers at once. Apple may have been helped by its practice of distributing patches to all of its machines, even those using pirated software, and frequently reminding users when they have updates waiting. Also, Apple stopped installing Java by default last year, putting fewer computers at risk.