Report: Mac trojan claims 500k machines

A trojan horse has emerged to take control half a million Macs, according to Russian antivirus company Dr. Web. Exploiting a vulnerability in Java, the naughty software connects to a remote host and modifies web pages displayed in your browser. Jacqui Cheng at Ars Technica:

Variations of the Flashback trojan have reportedly infected more than half a million Macs around the globe, according to Russian antivirus company Dr. Web. The company made an announcement on Wednesday—first in Russian and later in English—about the growing Mac botnet, first claiming 550,000 infected Macs. Later in the day, however, Dr. Web malware analyst Sorokin Ivan posted to Twitter that the count had gone up to 600,000, with 274 bots even checking in from Cupertino, CA, where Apple's headquarters are located.

At Daring Fireball, John Gruber wonders why there's so little news about it:

The weird thing to me is that if true, this sounds like the worst malware problem Mac OS X has ever seen — yet there doesn’t seem to be any hysterical media coverage about it. Hypothetical Mac security problems often get hysterical coverage; now we apparently have an actual security problem and it’s no big deal?

If this is for real, perhaps it's simply taken news media by surprise. Traditional "Mac virus" stories—the ones that turn out to be bullshit—are fed to us in readily-publishable form by analysts or the sort of researchers who help Symantec with its press releases.