It's a malware tactic that is taken for granted in the Windows world. A vulnerability in a common software interface - in this case Java - is hit multiple times by different malware campaigns, usually in quick succession.

The difference this time is that the attack is cunningly cross-platform, hitting Mac and Windows users.

If encountering an unpatched Windows system, the attack installs a backdoor whereas for Mac computers the attackers download a Python script to perform the same function. Although not as sophisticated, the latter still gives the hackers a lot of file-stealing and remote power over the Mac.

"This attack is quite different from the earlier Flashback attack, and may indicate that other cybercriminal gangs are exploring the possibilities of infecting Mac computers," commented Graham Cluley of Sophos.

"Although Windows users are generally pretty good at running anti-virus protection, Mac users are only just waking up to the need," said Cluley.