The Flashback MacBot has shrunk from a claimed 600,000 infected Macs on 5 April to 270,000 on 11 April. Symantec reported on 11 April that the MacBot had declined from 380,000 Macs to 270,000 in the previous 24 hours.
Flashback relies on a vulnerability in Java which Apple patched on 4 April. It was first identified by security firm Intego last year. Apple is now developing software to remove Flashback malware, but it has been criticised for its slow response to the three-month-old Flashback security breach.
Originally, Flashback masqueraded as an installer for Adobe’s Flash Player – hence the name – but the malware has changed tack recently, pretending to be a Mac software update or a Java updater.
Apple’s update patches multiple vulnerabilities in Java 1.6.0_29 – including some that could allow malicious code to run on your Mac outside of the Java sandbox, triggered merely by your visiting a webpage containing nefarious code.