Security watchers warned on Friday that a new variant of a Mac-specific password-snatching Trojan horse is spreading in the wild.

Flashback-G initially attempts to install itself via one of two Java vulnerabilities. Failing that, the malicious applet displays a self-signed certificate (claiming to be from Apple) in the hope users just install the malware.

Once snugly in place, the malware attempts to capture the login credentials users enter on bank websites, PayPal, and many others.

OS X Lion did not come with Java preinstalled, but Snow Leopard does, so users of Mac’s latest OS are more at risk of attack.

Source: The Register