Flashback Trojan Hits 600,000 Macs and Counting
twoheadedboy writes "A Flashback variant dubbed Backdoor.Flashback.39 has infected over 600,000 Macs, according to Russian security firm Dr Web. The virulent Flashback trojan infecting Apple machines sparked interest earlier this week after it was seen exploiting a Java vulnerability, although it was actually first discovered back in September last year. The Trojan has a global reach after Dr Web found infected Macs in most countries. More than half of the Macs infected are in the US (56.6 percent), while another 19.8 percent are in Canada. The UK has 12.8 percent of infected Macs."
no more Spirit of Steve protection? (Score:3, Informative)
It used to be magic pixie dust protected Macs but in the last 6 months I've been using the Spirit of Steve
time to find some new protection
It's not Apple's fault... (Score:4, Informative)
The users just surfed wrong.
But seriously, Apple screwed the pooch really good on this one. Looks like it's time that their corporate culture goes through the same "trustworthy computing" initiative that Microsoft went through over the last few years.
Re:How to check (Score:2, Informative)
Detection and Removal Info (Score:2, Informative)
http://www.f-secure.com/v-descs/trojan-downloader_osx_flashback_i.shtml
How to tell whether you are infected (Score:5, Informative)
See here: http://www.f-secure.com/v-descs/trojan-downloader_osx_flashback_i.shtml [f-secure.com]
Summary:
If you open Terminal and run
defaults read /Applications/Safari.app/Contents/Info LSEnvironment
and
defaults read ~/.MacOSX/environment DYLD_INSERT_LIBRARIES
and see:
The domain/default pair of [...] does not exist
for each, you are not infected. Also, if you run nearly any AV software or other tools like Little Snitch, you are not infected as it checks for these and deletes itself if found.
Also, no sensible person ever said "Macs don't get [infected/hacked/whatever]." It's just a lot less likely, and has historically been, even accounting for differences in marketshare. As Mac share increases, it only makes sense they'll be targeted more with malware. But Macs, as a whole, are indeed "more secure", in that still, to this day, you are far less likely — even with the complacency or, if you prefer, ignorance, of Mac users — to become impacted with any malware than with Windows. Maybe someday this will change. But it's never been true to date, and isn't true now. The fact that single instances of Mac malware get so blown out of proportion, STILL, is ridiculous. (Though, Apple could do better with patching known vulnerabilities in Java on Mac OS X...)
The same advice and best practices for avoiding malware apply to Macs as well as any other desktop platform, and Mac users would do well to run current AV software. The Sophos free edition [sophos.com] is nice.
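The two checks from the comment above, wrapped in a script, as an added example that is not part of the original comment or of F-Secure's instructions. It treats the "does not exist" reply as clean for that key, any stored value as something to inspect, and anything else as inconclusive; `DEFAULTS_CMD` and the function names are assumptions of this sketch.

```shell
#!/bin/sh
# Added example (not from the original comment): automates the two
# `defaults read` checks quoted above. DEFAULTS_CMD is an assumed override
# hook so the logic can be exercised without a Mac.
DEFAULTS_CMD="${DEFAULTS_CMD:-defaults}"

# classify STATUS OUTPUT -> clean | suspicious | unknown
classify() {
    case "$2" in
        *"does not exist"*) echo clean; return 0 ;;
    esac
    if [ "$1" -eq 0 ] && [ -n "$2" ]; then
        echo suspicious   # key exists and holds a value: inspect it
    else
        echo unknown      # tool missing, permission error, empty output
    fi
}

# check_key DOMAIN KEY -> prints the classification for one pair
check_key() {
    out=$("$DEFAULTS_CMD" read "$1" "$2" 2>&1) && rc=0 || rc=$?
    result=$(classify "$rc" "$out")
    # Show the raw reply on stderr whenever the key is not plainly absent.
    [ "$result" = clean ] || printf '%s %s: %s\n' "$1" "$2" "$out" >&2
    echo "$result"
}

# flashback_check -> overall verdict across both locations from the comment
flashback_check() {
    a=$(check_key /Applications/Safari.app/Contents/Info LSEnvironment)
    b=$(check_key "$HOME/.MacOSX/environment" DYLD_INSERT_LIBRARIES)
    case "$a $b" in
        "clean clean") echo clean ;;
        *suspicious*)  echo suspicious ;;
        *)             echo unknown ;;
    esac
}

# Run only where the real tool is present (i.e. on OS X).
if command -v "$DEFAULTS_CMD" >/dev/null 2>&1; then
    flashback_check
fi
```

A verdict of `unknown` means the check could not be completed, not that the machine is clean.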
Check if you're infected (Score:2, Informative)
Gizmodo's article shows how to determine if your machine is infected. http://www.gizmodo.co.uk/2012/04/mac-flashback-trojan-find-out-if-youre-one-of-the-600000-infected/
Re:Macs don't get hacked (Score:2, Informative)
Let me laugh:
PC's wear biohazard suits, Macs don't need no biohazard suits [youtu.be]
Mac versus Pc viruses [youtu.be]
I'm a MAC and I don't need no fucking antivirus/malware/biohazard suit you whippersnapper snotty little PC.
---> Pc walks away laughing at MAC. Look daddy he's MAC and he's been zombified.
Re:Macs don't get hacked (Score:5, Informative)
Re:Macs don't get hacked (Score:4, Informative)
Re:Macs don't get hacked (Score:5, Informative)
the process of keeping updated is more dummy-proof... dummy users are safer on Macs.
It is? Last time I checked, the default update mode for Windows will install updates the next time you shut down your computer after Windows detects an update has been released.
This is a bit different in a corporate setting, but I assumed you meant for home users.
Re:Macs don't get hacked (Score:3, Informative)
Indeed, this is one of the reasons that got me into Linux in the first place - that I am not nickel-and-dimed for a workable computer.
By the way, since the Gimp handles RGB images better than Photoshop, it's better for astrophotography processing. ImageMagick is also quite the program.
Come for the free beer. Stay for the freedom. Use Linux.
--
BMO
Re:Macs don't get hacked (Score:4, Informative)
Actually, the vulnerability used in OS X is also in Linux. So yes, it can infect Linux!
However, the payload only currently runs on OS X, so infecting Linux is a minor point since it does nothing.
It's a Java vulnerability. Which is interesting since Apple stopped supporting and shipping Java since what, Leopard (10.5)? Heck, we can blame Oracle for the mess...
Re:Macs don't get hacked (Score:4, Informative)
Apple stopped supporting and shipping Java since what, Leopard (10.5)
That's patently incorrect. Java is alive and well on OS X, and is still supported on Lion, Snow Leopard, and IIRC there was a Java update recently even for Leopard.
Re:User accounts (Score:4, Informative)
A bootable image is just an OS X install disc. If you lost yours, you can get one off eBay (or copy it from someone). As soon as the installer starts, you have an option of restoring a time machine backup. It was quite easy last time I tried it (1 year ago or so).