The attacks are launched by a web-hosted malicious Java applet exploiting CVE-2011-3544 (an elderly, already-patched vulnerability in Java) to download and install a persistent (i.e. remaining active after reboot) backdoor Trojan with botnet-like C&C (command-and-control) capability, connecting to the server dns.assyra.com (100.42.217.73).
via Mac & Windows Targeted Attacks: East of Java « Mac Virus.
Ricordatevi di aggiornare Java Runtime Environment, se lo usate.