Intego reports another Flashback variant (Intego calls it Flashback.S) that continues to use the infamous Java vulnerability that Apple has now finally patched. This variant doesn’t require you to enter a password before installing.
Intego apparently have several samples, but I haven’t seen any binaries or hashes yet.
Hat tip to ESET’s Alexis Dorais-Joncas for the heads-up.
David Harley CITP FBCS CISSP