Flashback trojan reportedly controls half a million Macs and counting



Variations of the Flashback trojan have reportedly infected more than half a million Macs around the globe, according to Russian antivirus company Dr. Web. The company made an announcement on Wednesday, first in Russian and later in English, about the growing Mac botnet, first claiming 550,000 infected Macs. Later in the day, however, Dr. Web malware analyst Sorokin Ivan posted to Twitter that the count had gone up to 600,000, with 274 bots even checking in from Cupertino, CA, where Apple's headquarters are located.

We have been covering the Mac Flashback trojan since 2011, but the most recent variant from earlier this week targeted an unpatched Java vulnerability within Mac OS X. That is, it was unpatched (at the time) by Apple [...]

Source.

There's an instruction to check if your Mac is infected in the article.


And this is why I hate the fact that Apple is in control of Java updates (mainly the fact that they rarely release them)

Java needs to be able to be kept up to date, not at Apple's leisure, because there are CONSTANTLY security holes like this one being patched in Java


why the hell bundle Java? :x apple doing it wrong

it never touched my PC since many years ago (for Java programming Class that is it)


why the hell bundle Java? :x apple doing it wrong

it never touched my PC since many years ago (for Java programming Class that is it)

It's not bundled anymore since Lion, but you still can't get a higher version than what Apple gives you should you choose to install it

So basically a large % of the Mac Community is infected. I've been preaching the dangers of Java for a while now. Let's reference my signature, shall we (although my sig may change in another 10 posts)


The talkbacks on ZDNet are hilarious (emphasis mine):

It's NOT happening now. As a writer, Ed, you need to check your facts before you simply publish some PR company's "advertorial." Show me the infected Macs (that don't have Virus applications, Trojans or other malware on them that only runs on Windows). I'll bet that F-Secure can't show YOU 1,000 let alone 600,000 Macs infected with this Trojan.
Apple released an update LAST FALL to handle this very exploit in the JVM. And everyone's Software Update alerted them that they needed to update and reboot their system. And the "exploit" requires that the user first type in his or her password in order to install the malware, which ought to have alerted the unwary.

So, a good six months after Apple releases a patch, F-Secure publishes documentation on an exploit that they most probably created to take advantage of a past vulnerability that has already been patched. Then they estimate that 600,000 (a nice, round number) Macs are "infected," because they managed to infect their one Mac with the Trojan.

F-Secure is presently trying to beta-test an anti-malware application to run on Macs. So their motivation is clear: 1: Scare OS X users into thinking they're vulnerable, 2: get more people for their beta test, 3: sell their app to them and 4: profit. But please note: F-Secure's beta test only runs on Leopard and Snow Leopard (that's 10.5.x and 10.6.x), and Apple released Lion (10.7) back on July 20, 2011. Obviously, F-Secure acknowledges that Lion is even LESS vulnerable than previous versions of OS X.

Apple will be further locking down applications that run on their operating system with Mountain Lion, making the Mac even more impervious to malware. Currently, the ONLY issue with malware on Macs is that they could, if they run Windows or are hooked up to a network with Windows computers sharing that network, be a repository for viruses to repeatedly attack the Windows OS.

Thus, if you are running Windows on your network or on your Mac, you need an anti-malware application for protection. Those who aren't needn't bother.

Sorry, folks. This is just not true. I challenge ZD to find 100 infected Macs (that are not owned by a malware-prevention company), let alone 600,000, and show that they are, indeed infected by this Trojan. The ONLY WAY a Mac running OS X can be infected with any malware app is for the user to type in his or her password to install the app. Period. And if you're surfing the web, you're not typing in passwords.

Macs DO and CAN have malware on them, but the target for the Malware is Windows, not OS X, so if you do not run Windows on your Mac, and if your Mac is not hooked up to a heterogenous network with both Macs and PCs running Windows, there is NO DANGER.

Why Ziff-Davis would continue to spread this outright falsehood is puzzling. Perhaps they're accepting tons of money from F-Secure, McAfee and Symantec to do this. I have now personally checked 40 Macs running several versions of OS X for this supposed Trojan. None have it. I have checked in with a large community of creative professionals. None have it. Apple is going to be releasing Mountain Lion soon, which will further lock down applications to prevent malware on the system and the companies that sell malware prevention see that this false rumor is the last chance they have to fool Mac users into thinking they need their applications. Additionally, as tablets and smartphones become the daily computer-of-choice for consumers, these companies see their market shrinking dramatically.

So find me actual infected Macintosh computers running current versions of OS X that number any significant fraction of the claimed infection first before you report this falsehood. I always used to think that fact-checking was part of journalism. By the way, I did try posting this on my iPad. Your website apparently doesn't allow that. Maybe it's because iPads are impervious to malware?

Shake my head.


They are not hacked. They are simply all in one big Apple Cluster. It's their P2P cloud...

/troll

the real iCloud?

