The vendor says that the systems are infected with BackDoor.Flashback.39 "after a user is redirected to a bogus site from a compromised resource or via a traffic distribution system." JavaScript code will then be run with the exploit. Some of the sites that will infect the computers are godofwar3.rr.nu, ironmanvideo.rr.nu, killaoftime.rr.nu, gangstasparadise.rr.nu, mystreamvideo.rr.nu, bestustreamtv.rr.nu, ustreambesttv.rr.nu, ustreamtvonline.rr.nu, ustream-tv.rr.nu and ustream.rr.nu.
Those are just a few of the sites, and Doctor Web says there can be thousands of compromised web-pages.
The spread of the Trojan began in February, and Apple only just closed the vulnerabilities this week.
For a more technical look, check here: Dr Web news