Forgot your password?
typodupeerror
Security OS X Apple News

New Version of Flashback Trojan Targets Mac Users 160

Posted by timothy
from the for-more-shiny-enter-password dept.
wiredmikey writes with this extract from Security Week: "On Friday, researchers from security firm Intego reported that a new variant of Flashback is targeting passwords and as a byproduct of infection, Flashback is crashing several notable applications. Flashback was first discovered by Intego in September of 2011. It targets Java vulnerabilities on OS X, two of them to be exact, in order to infect the system. Should Flashback find that Java is fully updated, it will attempt to social engineer the malware's installation, by presenting an applet with a self-signed certificate. The certificate claims to be signed by Apple, but is clearly marked as invalid. However, users are known to skip such warnings, thus allowing the malware to be installed. ... The newest variant will render programs such as Safari and Skype unstable, causing them to crash. Interestingly enough, normally these are stable programs, so if they start suddenly crashing might be a sign of larger issues."
This discussion has been archived. No new comments can be posted.

New Version of Flashback Trojan Targets Mac Users

Comments Filter:
  • What's Java? (Score:5, Insightful)

    by fostware (551290) on Saturday February 25, 2012 @11:34PM (#39161913) Homepage

    Java was an optional extra on 10.6 and is a separate download on 10.7.

    • Answered your own question, eh?

    • My MacBook came preloaded with Leopard. Does that version of OSX come with Java already installed? I'm concerned that Java (if it exists) may have gotten carried over from my previous upgrades of Snow Leopard and now Lion.

      • by fostware (551290)

        Honestly, I wouldn't know... :)

        We only perform a "time machine/re-image or reinstall/restore user" when a user gets a hardware or software upgrade. Java is left to the user to request, Casper self-service, or install themselves (all owners are local admins of their own machines).

        It's a little harsh, but that's the result of managing Macbooks for 1800 staff and students.

        BTW, I get the distinct impression that Java is the next "blight" to purge now that Apple has made a concerted effort to make sure Flash isn

        • Java, Acrobat, and Flash are all vectors by which a Windows machine can get infected via drive-by web surfing. And this can happen even if your PC is cought up with the latest updates available.

          JRE scares the hell out of me. As a sysadmin, I've see the damage it can do through one of those FakeAV malware programs. Unless Java is needed for a specific application, it should never be installed. Unfortunately I'm not a Mac expert...yet. The whole corporate BYOD policy is making my life difficult in maintaining

      • by Trillan (597339)

        Use Sun's site to check:
        http://java.com/en/download/testjava.jsp [java.com]

        I doubt it's still installed after an upgrade, though.

      • Open a terminal. Type 'java'. Does it say command not found, or does it give you the help info for Java? I have Java installed for a couple of local apps, but you can disable it in Safari easily (preferences, security, uncheck enable java).
    • by stesch (12896)
      It's the Minecraft runtime.
    • by Rosyna (80334)

      Silly Adobe Applications (like Photoshop) require Java be installed or else they won't work.

      If you want to blame anyone for Flashback, blame Adobe. Since without them, Java would never be installed on most Macs running Mac OS X 10.6 or higher.

    • by Pope (17780)

      It's that thing that should always be turned OFF in Safari's preferences since 10.4.

  • by meerling (1487879) on Saturday February 25, 2012 @11:35PM (#39161917)
    Since it's causing instabilities, it's a poorly written piece of malware.
    The standard generic symptom of being infected by malware is there are no apparent symptoms. It's just that when people start having problems is when they start looking, but you can bet they were infected LONG before they had those unrelated problems. Obviously that doesn't apply to this one, since it's new and it does cause problems. And yes, you can find others that have recognizable symptoms, but most don't.

    Wonder how long until Mac users start claiming the don't have malware again. (Will it be Months, Weeks, Days, or Hours...) :)

    No offense meant to Mac users, but find a way to escape the reality distortion field if you are still in it.
    • Re:More malware (Score:5, Insightful)

      by jo_ham (604554) <joham999&gmail,com> on Saturday February 25, 2012 @11:52PM (#39161973)

      Who says Mac users claim they don't get malware? It seems to be oft-repeated here on Slashdot, but whenever the topic of Mac security comes up actual Mac users post in the threads that they're well aware that OS X is not invulnerable, and in fact posting examples of trojans and malware that they remember hearing about.

      It comes up every time, so the only people who seem to perpetuate the myth of the technology-literate Apple user who claims immunity from security threats are the ones seeking to mock the Reality Distortion Field and the users of Apple software as clueless.

      Incidentally, this malware does have some relatively sneaky features - it allegedly avoids trying to install itself if it detects AV software, to attempt to avoid early detection. Crashing browsers is not a good start though. Not very subtle, since Safari doesn't really crash any more - it tends to be the helper process that crashes and that is restarted almost transparently to the user.

      • Re: (Score:1, Informative)

        Who says Mac users claim they don't get malware? ...
        It comes up every time, so the only people who seem to perpetuate the myth of the technology-literate Apple user who claims immunity from security threats are the ones seeking to mock the Reality Distortion Field and the users of Apple software as clueless.

        Here [youtube.com] is an Apple commercial that claims that Macintoshes don't get viruses. It is part of a series of commercials that make it seem as though there is some special feature of Apple hardware that makes it

        • Re: (Score:1, Informative)

          by paiute (550198)

          Here is an Apple commercial that claims that Macintoshes don't get viruses.

          Flashback Trojan. Not a virus.

          • You are as correct here as you are irrelevant, since I was replying to a post that only mentioned "malware".

            Since you have decided to play the pedant, I might also point out that the target audience for the Apple advertisement is unlikely to make the fine distinction between trojans and viruses.

        • by jo_ham (604554)

          So again, where does it say that Apple computers are immune?

          It states that Windows PC are clearly not, but it doesn't actually say that OS X *doesn't* have malware - it actually lies by omission in that respect (the PC gives up and the Mac wins by default, not because it has no viruses).

          The reason that they never state that they're immune is because, quite simply, they're not.

          Apple can certainly say they're more secure than Windows though, which is what they did.

          (this relates to both viruses and trojans, al

        • And I would say that a person on a tech forum not knowing the difference between a virus and a trojan is perpetuating bad information. That's like saying that vaccines are ineffective because you still have a chance to get food poisoning from salmonella, listeria, and botulism no matter how many vaccines you take.
          • by makomk (752139)

            What proportion of the users that Apple was targeting in that advertising campaign do you think would know or care about the difference between a virus and a trojan?

            • The flu vaccine protects you against a strain of the flu virus. It does not protect you against other strains, other viruses, or other pathogens. Someone not understanding/not caring about this presents a challenge to health professionals. The only that can be done is to inform them. If they are determined not to learn, there 's not much that can be done.
      • Re: (Score:2, Insightful)

        by artor3 (1344997)

        Apple, and their fans, have long insinuated that Macs don't get malware. It's a major part of their advertising campaign. Walk up to ten technically illiterate people and ask what the advantages are of Macs over PCs, and I'd wager at least half would say that they don't get viruses. I know that's why my sister bought one, as she flat out told me so (this was during the Vista era, so it wasn't worth correcting her). This belief didn't come from nowhere. Apple and their fans have carefully built it up ov

        • No they have said there are not as many viruses for Macs as there are PCs and thus users are safer from viruses. Viruses. This is a trojan which requires intervention by the user.
        • by dbet (1607261)
          Walk up to a bunch of pet owners and ask them the advantage of a cat over a bear. They'll claim cats don't maul you. But we all know cats can theoretically maul you, so by your logic, I have just proven that cats and bears are equally dangerous pets.

          For a large majority of Mac users, the only malware they've seen in the last 10 years is extra search bars in Firefox, and you don't even have to run AV software.

          Windows still allows changes to the registry without your immediate consent if you're runnin
        • Apple, and their fans, have long insinuated that Macs don't get malware.

          Fact: Macs used by reasonable intelligent users don't get malware. Fact: There are no known viruses for the Macintosh in the wild. Fact: There is malware in the form of Trojans and scareware trying to attack Macs or Mac users; such malware relies on user stupidity.

          Here in the UK, people get phone calls from a company claiming that their computer is infected by malware, and they should pay this company money to clean up the infection. Does having a Mac protect you from these calls? Of course not. I got th

      • Who says Mac users claim they don't get malware?

        They said that because it was true for a while, there was no malware to get.

        Now, correctly, we will say "be careful you don't get the malware".

        The malware that requires people to download Java by the way, which does not ship with macs now...

      • by gl4ss (559668)

        *Who says Mac users claim they don't get malware?*

        fucking real life mac users. all the fucking time. get out sometime 'eh? they got the idea from adverts. you know, people who wouldn't know what you were talking about if you joked about the RDF. people who bought macs in recent years because "they just work"(they're not techno literate).

        (disclaimer, my other pc is a mac)

      • As a Mac user, I don't claim there is no Mac malware, but I do claim that I don't get any. I got one virus on OS 7, but never anything on OS X.
        • by jo_ham (604554)

          I'm exactly the same. I didn't even get any malware on OS 8.6/9, but that was because we isolated the machine and it really only edited video. I've never been infected on any of my OS X machines, in the 10 years since I've been using it.

  • by wannabgeek (323414) on Saturday February 25, 2012 @11:43PM (#39161943) Journal

    From now on, all Macs will have a firewall and any download will only happen after being approved by Apple. Like the AppStore makes your computer safe from third-party apps, this will make your computer safe from Web.

  • The first words of this post were "New Version of Flashback... [wikipedia.org]" It all went downhill from there. But at least Delphine Software isn't going to bastardize a classic by turning it into yet another FPS. [wikipedia.org]
    • by Osgeld (1900440)

      FLashback .... one of my all time favorites, at one point I would have told you that was the only game my sega could play

  • Java version? (Score:4, Interesting)

    by RockMFR (1022315) on Saturday February 25, 2012 @11:56PM (#39161983)

    Which versions of Java are vulnerable? Basic details are nice to have...

  • I am so tired of these April Fool's jokes when it isn't even April yet.

    Everyone knows Macs don't get trojans or viruses and that this story originated from The Onion!
  • is that Skype is known to be stable. That is certainly news to me.
  • From the Intego article about the new variant: "This malware is particularly insidious, as users don’t download anything or double-click any file to launch an installer." Yet Intego repeatedly refers to as a Trojan horse. All of the other articles I can find only reference the Intego report, and don't call it a virus either, including those who would know better, such as Ars Technica and the ISC Diary.

    But if it requires no interaction from the user, then why is it not the first true Mac OS X viru
  • First thing to stop using when you get an OSX machine, in my book.
    When I first got MBP, fall 2010, I had few hard freezes. They stopped as soon as I stopped using Safari.
    It may be a coincidence, but my MBP is definitely more stable without. A lot more stable!

    As for users ignoring warnings... It looks like good case for Apple to close OSX as they closed iOS - force us to use single app store. Good thing gnome-shell is really nice env, so current OSX users have upgrade, errr, escape path available.

    • by Lumpy (12016)

      I know a LOT of mac users and none of them use safari, They all use Chrome or Firefox, mostly because of what you experienced. Safari causing the system to crash. Running Lion helps, mostly because they eliminated the PPC code completely, but that adds in new issues installing older software that was universal and written by dummies that did not make the installer universal.

    • by dbialac (320955)

      Since early on but not since the 3.x days. I found it funny to watch Steve talk about how unstable flash was and how it caused most of Safari's crashes. I never had issues with flash once I dumped Safari. Oddly, I don't have issues with flash on Chrome -- and it's the same rendering engine!

  • Even if the platform doesn't have any security holes, never underestimate the USER

    Download free Natali Portman naked .img would do that on OS X

    • WTF?

      meant .dmg

      Why doesn't /. have a way to edit posts? it's not like we're stuck in 1995...

      • by gl4ss (559668)

        WTF?

        meant .dmg

        Why doesn't /. have a way to edit posts? it's not like we're stuck in 1995...

        it would radically alter the atmosphere and feel of the site to have edits.

        you know all those shitty sites which have comments sections that flame up with some troll or another.. and then there's half of the discussion totally vaporized.

        for the same reason modding slashdot doesn't erase the comments.

  • You need to hold your mac by the corners.

  • I'm on a Mac, where do I click for a working example?

The study of non-linear physics is like the study of non-elephant biology.

Working...