Results 1 to 3 of 3
  • Thread Tools
  1. Super Moderator Deadeye81's Avatar
    Join Date
    Dec 2009
    Location
    North Carolina, USA
    Posts
    2,655
    Thanks
    7
    Thanked 112 Times in 97 Posts

    Flashback Trojan infects 600,000+ Macs

    For those who frequent the Lounge who also have a Mac in their home, the Flashback Trojan has been making the rounds on Macs of late.

    Over half of the 600,000 Macs infected are in the US. Infection occurs by 'drive by' download exploiting a Java vulnerability when one goes to an infected web site. It does not require any user interaction to obtain a foothold on a Mac, so it is not a social malware package.

    Virtually none of the AV/AM software packages were able to detect and/or thwart the installation of Flashback, so even those Mac users who realize Macs are very vulnerable were not immune from Flashback. You can bet there will be more of this type of malware coming down the pike. Fortunately, this outbreak should be a wakeup call to all Mac users, especially those who have swallowed the lie that Macs do not get infected. The good news is that this outbreak only infected about 1% of the Mac installed base. The bad news is that Apple took two months to funnel the Java update to users after Oracle issued an update to remove the specific vulnerability to the Flashback Trojan. Apple has to do better than that.

    There are some tools available to easily check for the presence of this infection. Check out the Flashback Checker here. It is a recently released Mac utility that will automatically enter the command lines outlined in F-Secure's page of manual commands one can use to check for infection. Flashback Checker is easier to use as it does the job for you without entering the two command lines outlined by F-Secure. Most Mac users will get a "clean" report after the check is made. For those who get a confirmation of the infection's presence, you can follow F-Secure's command procedures in the above link to clean your system of Flashback, or you can download Kaspersky's Flashback Removal Tool, which should be faster, and does not require Terminal command line use. News of the Kaspersky tool arrived the day after the unveiling of Flashback Checker, and it can be used both to detect and remove the infection.

    For more reading on Flashback, check out this MacWorld article, and this one as well.

    Kaspersky also has a very good article titled 10 Simple Tips for Boosting the Security of Your Mac. Check it out, and implement most of the tips. Mac users are going to have to be just as proactive in their security as Windows users have learned to be over the years.

    UPDATE: At some point today, after I posted this thread, Kaspersky pulled their Flashback Removal Tool after it was found to alter certain user settings. So if you have downloaded the tool, but not executed it, please delete it and either wait for the updated tool, or follow the manual steps on F-Secure's page linked above to remove the trojan.
    An updated Flashback Removal Tool is expected to be released shortly.
    Last edited by Deadeye81; 2012-04-12 at 15:40. Reason: Added Update & Correct spelling & correct link

  2. The Following User Says Thank You to Deadeye81 For This Useful Post:

    CLiNT (2012-04-12)

  3. Subscribe to our Windows Secrets Newsletter - It's Free!

    Get our unique weekly Newsletter with tips and techniques, how to's and critical updates on Windows 7, Windows 8, Windows XP, Firefox, Internet Explorer, Google, etc. Join our 480,000 subscribers!

    Excel 2013: The Missing Manual

    + Get this BONUS — free!

    Get the most of Excel! Learn about new features, basics of creating a new spreadsheet and using the infamous Ribbon in the first chapter of Excel 2013: The Missing Manual - Subscribe and download Chapter 1 for free!

  4. Plutonium Lounger Medico's Avatar
    Join Date
    Dec 2009
    Location
    USA
    Posts
    12,625
    Thanks
    161
    Thanked 928 Times in 851 Posts
    Ya know Gerald, Mac users will still tell us they are very safe, that their PC's are not under attack. The truth is with the proliferation of iPhones and iPads, the Apple products will be under constant attack from here on, whether they care to admit it or not.
    BACKUP...BACKUP...BACKUP
    Have a Great Day! Ted


    Sony Vaio Laptop, 2.53 GHz Duo Core Intel CPU, 8 GB RAM, 320 GB HD
    Win 8 Pro (64 Bit), IE 10 (64 Bit)


    Complete PC Specs: By Speccy

  5. Super Moderator Deadeye81's Avatar
    Join Date
    Dec 2009
    Location
    North Carolina, USA
    Posts
    2,655
    Thanks
    7
    Thanked 112 Times in 97 Posts
    Latest Update: Late yesterday afternoon, Apple released another Java update through Apple Update. This update not only closes the vulnerability that gave Flashback an open door, but also removes any traces of Flashback variants that may be on user's systems. So, if you have not taken any steps to check for and/or remove Flashback, this is the easiest method to apply.

    This new update also disables Java from automatically running on Macs, but if you find that you have an application that requires Java, you can re-enable automatic Java applet execution by running the Java Preferences application located in you /Application/Utilities folder.

    Hi Ted, I know it is an uphill battle to convince some Mac users to change their thinking about malware. However, I am trying to reach Mac users who should know better than to swallow the myth that Macs are not vulnerable to malware - the ones who also use Windows. Quite a few users who have a Mac now, still use Windows machines as well, and their Windows experience should make it easier for them to understand that any OS with the right market visibility, is vulnerable to malware, and they as users have to take responsibility for their own security. The school of hard knocks is one of the best teachers we have.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •