Security vendors have discovered a new piece of malware that attacks both PCs and Macs. It uses the same Java security vulnerability exploited by the Flashback malware that infected hundreds of thousands of Macs. While the attack vector is the same as in Flashback, this Java applet checks which OS it is running on and downloads suitable malware for it.
Malware writers love using a cross-platform plugin as an attack vector because it allows them to target more than one operating system, and thus more potential users. Since Java has been having security problems for a while now, it shouldn’t be too much of a surprise it is now being used in an attack targeting both Windows and Mac computers.