600,000 Macs Hit With Backdoor.Flashback Trojan

News Posted: Thu, Apr 5 2012 3:04 PM
While many have dogmatically adhered to the idea that Macs are impervious to malware, some experts have been warning that it was only a matter of time before the Apple systems were hit with significant bugs.

Findings like the one from Doctor Web late yesterday confirm that indeed, the malware threat looms large for Mac users. According to Doctor Web, a Russian antivirus vendor, 600,000 Macs were part of the BackDoor.Flashback.39 botnet. (Originally, the company reported the number at 550,000, but a Twitter post later upped it to over 600,000.)



The Flashback Trojan isn’t especially new; variants have been around since at least September 2011, but like all good malware, it’s been evolving. Apple finally patched the Java exploit that was affecting machines running Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7.3, and Lion Server v10.7.3.

Security firm F-Secure posted a way to identify and remove the virus, and had this to say:
“On execution, the malware will prompt the unsuspecting user for the administrator password. Whether or not the user inputs the administrator password, the malware will attempt to infect the system, though entering the password will affect how the infection is done.”
According to Doctor Web, 56.6% of the infested hosts are in the U.S., 19.8% are in Canada, the UK has 12.8%, and Australia has 6.1%. The company recommends downloading and installing this security update from Apple.
digitaldd replied on Fri, Apr 6 2012 11:24 AM

If you run a Mac, better grab the latest update, which includes a Java update that plugs the hole.

JDiaz replied on Fri, Apr 6 2012 1:31 PM

And don't put in your passwords or log in to any pop-up request panel that may show up...

Even with the patch they're reporting still more systems being infected... Security can't protect from user error...

3vi1 replied on Fri, Apr 6 2012 3:14 PM

Not a problem with Macs; a problem with Oracle software (i.e. the Java VM).

There are dozens of trojans of this same type that affect Windows, but they're not news because everyone knows the OS is perpetually insecure. The spin here is that it can be made to look like the Mac OS is insecure when it's actually the third-party software.

What part of "Ph'nglui mglw'nafh Cthulhu R'lyeh wgah'nagl fhtagn" don't you understand?

++++++++++++[>++++>+++++++++>+++>+<<<<-]>+++.>++++++++++.-------------.+++.>---.>--.

ErazmusNZ replied:

@3vi1 I'm fairly certain the fault lies with Macs; from my limited understanding of it, Apple decided to write their own JVM, so it's not a pure Sun/Oracle thing.

3vi1 replied on Sun, Apr 8 2012 11:11 AM

ErazmusNZ:

@3vi1 I'm fairly certain the fault lies with Macs; from my limited understanding of it, Apple decided to write their own JVM, so it's not a pure Sun/Oracle thing.

No. Apple uses the standard JVM - they just ship it with the OS as an integration point. The flaw exploited was from Oracle code, but Apple didn't immediately ship an update when Oracle fixed it in v1.6.0_31 back in February.

If Apple were to ever stray from the standard JVM, I'm pretty sure Oracle would find some way to try to sue them like they're doing with Google. :)

digitaldd replied on Mon, Apr 9 2012 10:24 AM

I guess the real problem here is that with Java on a Mac you have to wait for Apple to release the update. Unfortunately, on the PC side of things, both *nix and Windows, billions of systems are running out-of-date Java. I usually recommend to folks not to install Java unless you really need it for something; same goes for Flash or Silverlight.

3vi1 replied on Mon, Apr 9 2012 7:14 PM

Hopefully the code quality will go up and the exploits will go down now that Oracle's re-basing their code around the open source OpenJDK as the official implementation for Java 7.
