The New York Times has published an article 'Widespread Computer Virus Indicates Macusers No Longer Safe'. The trojan virus is called Fakeflash or Flashback.
Apple has always held that computer viruses and malware only dogged its competitors, they write. That is no longer the case.
Apparently, the virus has infected half a million Mac users, about half of them in the United States.
[...] users need not manually click on any malicious links or manually download any malware to get infected. The program simply downloads itself. Once downloaded, the malware’s creators gain a back door that gives them unauthorized access to the victim’s computer. For now, the article says, the malware’s creators appear to be using infested computers for click fraud, in which they manipulate clicks on a Web advertisement in exchange for kickbacks. But as with all malware, its creators can choose to use infected computers however they like.
The virus infects computers either through a pop-up fake prompt from Adobe Flash asking to install an update and type in their password, or and this is more frightening, attackers appear to have exploited a loophole in Java software that automatically downloads the malware onto victims’ machines.
As to how to deal with the threat, Apple issued two security patches for Fakeflash this week and encouraged Mac users to run their software updates as soon as possible. The New York Times author recommends F-Secure, a Helsinki-based security firm, published instructions for how to identify Fakeflash and remove the virus manually. Doctor Web, the Russian security firm that first discovered the virus, has created a simple online tool that allows users to check if their Mac has been infected.