Apple planning to fix Flashback malware issue

The fiction that Mac computers are nearly malware free was shattered last week when Doctor Web announced they had discovered a botnet that covered over 500,000 Mac-based PCs. The botnet's computers were infected with a malware called "Backdoor.Flashback" that redirects the PC to view websites likely set up by the people who created the malware.

Now Apple has announced it will be taking action to get rid of the Flashback malware. In a post on the company's support page, Apple stated, "Apple is developing software that will detect and remove the Flashback malware." There's no word on when this software will be released.

The malware was installed thanks to a flaw that allowed JavaScript code to load to a Java applet that contained Flashback to a Mac PC. Apple states in their support page they have fixed this flaw in an update released on April 3rd for Mac OS X 10.7 and 10.6. If you still have a Mac that's running OS X 10.5 or below, Apple says you should disable Java on your web browser.

The support pages adds:

In addition to the Java vulnerability, the Flashback malware relies on computer servers hosted by the malware authors to perform many of its critical functions. Apple is working with ISPs worldwide to disable this command and control network.

Meanwhile a post on the Symantec web site says that the number of Mac PCs that have been infected with the malware has gone down to 270,000, almost half the number revealed last week.

Report a problem with article
Previous Story

Report: Lumia 900 costs $217 in parts and labor

Next Story

Rumor: Kinect coming to Windows Phone 8

28 Comments

Commenting is disabled on this article.

There's crapware for every single OS out there, it's just a matter of how much. There is more out there for Windows right now and has been for a while. How that gets beyond people's childish rants I don't know.

I'll use OS X or Linux unless I need Winders for a game, but realistically the main thing is to be responsible on the web, have a clue what you're clicking on, and it never hurts to use some nice tricks like a hosts file or something like that. No "anti-virus" programs on my xp or 7 installs here, both are 16 and 24 processes respectively just like when I installed them. And yes I've done normal web browsing on them.

some of these guys are apple fanboys the man that found the virus is and expert i would think he knows what hes talking about no computer is malware free or virus free they can hit anny computer anytime.

That maybe so yodat but the most unsecure part of any computer is it's user people need to be educated about how stay safe online

yodat said,
This is a very good example of how Java is so insecure independent of the platform.

According to the many report and my personal experience Java is the most common source of malware due to design problems: http://www.h-online.com/securi...g-to-Microsoft-1387528.html

Theres two ways to go with java, either update it as it comes out or don't install it. It's stupid to blame java in everything out there, its been on the net for ages that java MUST BE updated at all costs.

alwaysonacoffebreak said,

Theres two ways to go with java, either update it as it comes out or don't install it. It's stupid to blame java in everything out there, its been on the net for ages that java MUST BE updated at all costs.

All dependent software must be updated. The same goes for IE, flash, etc. Even if you use another browser, keep your IE up to date too.

dotf said,

All dependent software must be updated. The same goes for IE, flash, etc. Even if you use another browser, keep your IE up to date too.

Well yea but since this topic was about java I was just pointing that out My point stands, it aint javas fault if the dumbuser isn't updating his software on time.

I've gotten spam emails from multiple people who claim their mac was infected with the Trojan when asked later, I'm actually quite surprised it managed to infect so many computers. so much for the mindset of 'I've gotta mac so I don't need to worry about security..."

If you're watching the furious debate on Mac Rumors, they only claim Macs are "Virus" free, and then only "PC Viruses". Trojans come under "Malware", not "Viruses" so technically there are still no viruses for Macs.

McKay said,
If you're watching the furious debate on Mac Rumors, they only claim Macs are "Virus" free, and then only "PC Viruses". Trojans come under "Malware", not "Viruses" so technically there are still no viruses for Macs.


Malware includes computer viruses, worms, trojan horses, spyware, adware, most rootkits, and other malicious programs.

http://en.wikipedia.org/wiki/Malware

McKay said,
But a Trojan is not a virus, so technically, Macs don't get viruses.

True, but trojans/spyware/adware are a bigger issue now a days.

McKay said,
If you're watching the furious debate on Mac Rumors, they only claim Macs are "Virus" free, and then only "PC Viruses". Trojans come under "Malware", not "Viruses" so technically there are still no viruses for Macs.

Get out of here with your semantics. It's a scumbag move to market your product as "virus free" when you damn well know that 95% or your customer base thinks spyware, malware, trojans all = virus then say "Oh no we didn't mean those bad things. You're defining it wrong".

McKay said,
But a Trojan is not a virus, so technically, Macs don't get viruses.

stupidest comment ever.. a trojan may also perform virus activities.

Xenosion said,

Get out of here with your semantics. It's a scumbag move to market your product as "virus free" when you damn well know that 95% or your customer base thinks spyware, malware, trojans all = virus then say "Oh no we didn't mean those bad things. You're defining it wrong".

It's funny because you're claiming Apple is/was saying all of this stuff that it's actually not saying. Also, I'm interested to know the source for your, "...damn well know...," statement. Apple markets the Mac and OS X as, "It doesn't get PC viruses. A Mac isn't susceptible to the thousands of viruses plaguing Windows-based computers." That's been their stance for a good while now, and it's also true. A virus written for Windows will not harm a Mac, but the thing they do leave out is that the Mac can still spread it.

They also provided pointers on how to avoid such bad things. Have a looksie

http://www.apple.com/macosx/what-is/security.html

http://www.apple.com/why-mac/better-os/

Apple never states that the Mac or OS X are, as you say, "virus free," or that people are defining it wrong.

omgben said,

It's funny because you're claiming Apple is/was saying all of this stuff that it's actually not saying. Also, I'm interested to know the source for your, "...damn well know...," statement. Apple markets the Mac and OS X as, "It doesn't get PC viruses. A Mac isn't susceptible to the thousands of viruses plaguing Windows-based computers." That's been their stance for a good while now. They also provided pointers on how to avoid such bad things. Have a looksie

http://www.apple.com/macosx/what-is/security.html

http://www.apple.com/why-mac/better-os/

Apple never states that the Mac or OS X are, as you say, "virus free," or that people are defining it wrong.


That is exactly what I mean by semantics. Do they explicitly say "virus free" or "Macs don't get viruses"? Probably not, but they sure as hell do imply it in their commercials.
http://www.youtube.com/watch?v...Q8WRL_g&feature=related
You can go on about them not explicitly saying it, but they know who they are targeting with these implied connotations.
Furthermore, I don't need proof as to 95% of people associate the term "virus" with "malware". Go outside and talk to anyone who doesn't work on computers for a living.

Xenosion said,

Get out of here with your semantics. It's a scumbag move to market your product as "virus free" when you damn well know that 95% or your customer base thinks spyware, malware, trojans all = virus then say "Oh no we didn't mean those bad things. You're defining it wrong".

They only market it as "Doesn't get PC Viruses". It's the Sheeple fanboys who spout the drivel that Mac is immune to viruses.

McKay said,

They only market it as "Doesn't get PC Viruses". It's the Sheeple fanboys who spout the drivel that Mac is immune to viruses.


Right. Apple didn't start the trend or anything, or you know, enabling them. Typical.

McKay said,

They only market it as "Doesn't get PC Viruses". It's the Sheeple fanboys who spout the drivel that Mac is immune to viruses.

last time I checked in the realm of technicalities. PC means Personal Computer. and the Mac is a Computer for Personal use. Therefore I would like to propose that Macs are indeed PC's.
Therefore by saying that the Mac does not get PC virus's, You are implying that it is immune to all forms of virus attacks that can be implemented to a computer.

McKay said,
If you're watching the furious debate on Mac Rumors, they only claim Macs are "Virus" free, and then only "PC Viruses". Trojans come under "Malware", not "Viruses" so technically there are still no viruses for Macs.

Oh yeah I forgot, phpshell is classed as possible backdoor trojan because although it can be used legimately, it's main use is being uploaded to servers and then used to hack the server and gain higher permissions, get account and credit card details and then spread to other servers to get even more... But that's obviously not a virus... Dimwit.

Symantec has been wrong before. Lookout have anything to say about the infected numbers?

Also, if this was a PC...there would be removal instructions already.