Printed from http://www.electronista.com

Flashback Trojan infections estimated at 600,000 Macs

updated 09:35 am EDT, Thu April 5, 2012

Systems now part of global botnet

The Flashback Trojan targeting Macs has already infected at least 600,000 systems, according to an analyst with Russian antivirus firm Dr. Web. The company issued a report on Wednesday that put the number of computers contaminated by BackDoor.Flashback variants, and linked together in a botnet, at 550,000, but the analyst in question quickly updated the figure on Twitter. In the new data, 285 infected systems are listed as being in Finland, and 274 in Apple's own home city of Cupertino, California.

A graph in the Dr. Web report shows most infected systems, 56.6 percent, located in the United States. Canada follows at 19.8 percent, while the United Kingdom accounts for 12.8 percent, and Australia 6.1 percent. Most other regions are marginal in their infection rates, well under 1 percent each. Other affected countries include Argentina, Brazil, Chile, France, Germany, Ireland, Italy, Japan, Mexico, the Netherlands, the Philippines, Spain, Switzerland, and Turkey.

Earlier this week Apple released updated Java distributions for OS X Lion and Snow Leopard, dealing with a vulnerability exploited by Flashback. Apple has been criticized for being slow to patch the hole, especially as Oracle itself issued a fix in February.



By Electronista Staff

Comments

  1. testudo

    Forum Regular

    Joined: Aug 2001

    -22

    Yeah right

    We all know macs are free from viruses or other malware. I'm sure the users all went and downloaded some stupid thing off a torrent site!

    Oh and it isn't Apple's problem anyway since it's in Java! Apple's still got a perfect record!

  1. localnet

    Fresh-Faced Recruit

    Joined: Feb 2005

    +8

    So...

    Where and how does one get infected with this trojan? Is it a torrent site, ebay or what, p***? How about a little bit more info? Or is that too much to ask?

  1. Cronocide

    Fresh-Faced Recruit

    Joined: Nov 2010

    0

    Java + Stupid People = Mac Virus

    Ok, so it's not technically a virus, but more of a form of malware.

    The controversy here is not the penetration of the Mac system. Anyone who knows Darwin knows that its system-level security is locked down and can only be opened with a key (i.e. your password).

    Any script kiddie could write malware that wipes your whole drive after asking for a password. The real vulnerability is the stupidity of the people who are willing to give away that permission without inquiry.

    Now, Java doesn't always need your password, but it does always need your permission to run code on your machine. That being said, this makes Java about the weakest point on your Mac. Personally, I rarely trust Java code.

    The real issue of controversy here is the social engineering done to disguise the malware installation. People need to be aware that certain websites DO NOT just randomly put out Java updates.

    Security needs to be first and foremost based on people's wariness of third-party software. In any case, Apple brought this upon themselves by not updating Java to protect their customers, but any worthy Mac user did not get this malware.

  1. wrenchy

    Forum Regular

    Joined: Nov 2009

    -17

    600,000 Macs??


    That works out to about what... 90% of Macs worldwide?

    That sucks.

  1. derbbre

    Fresh-Faced Recruit

    Joined: Oct 2000

    +1

    Huh?

    How would they have any accurate numbers unless they were running the botnet themselves (or had access to it)? Why would we trust numbers from an anti-virus firm, anyway?

  1. Arne_Saknussemm

    Forum Regular

    Joined: Apr 2011

    -14

    Ahhh! out on a plane, missed all the fun,

    But Pandora's box has been open,

    There will be plenty more from where this came from.

    Cronocide has the general idea right,
    below is the correct equation:

    Java + Stupid People = Mac Owners

  1. bsnoel

    Fresh-Faced Recruit

    Joined: Feb 2006

    +2

    Let's Reason Arne...

    Let's reason, Arne. McAfee's Q4 2011 Threat Report states that they have now tracked 75 Million unique Windows malware files and at the same time less than 300 unique Mac malware files. In addition, Damballa reports that they have tracked many millions of Windows machines that are compromised and participating in major botnets. Most botnet victims don't even know that they are infected and in many cases they may have more than one botnet infection going simultaneously. Sadly, very often their AV program does not detect the botnet either and they may be unaware they are infected for months. So what is your equation for JoeWin User?

  1. testudo

    Forum Regular

    Joined: Aug 2001

    +1

    Re: Java + Stupid People = Mac Virus

    What does this have to do with being stupid? You go to a website, you get infected. There's no warning, no password entry, no nothing. You're infected. Is the stupid part that you shouldn't be on the internet?

    Ok, so it's not technically a virus, but more of a form of malware.

    Malware is a generic term for all types of things: Viruses, worms, trojans, scamware/adware and spyware. This best fits in the spyware category.

    BTW, you'll find few actual viruses out in the world these days. Most stuff falls under the *ware tag and trojans.

    The controversy here is not the penetration of the Mac system. Anyone who knows Darwin knows that its system-level security is locked down and can only be opened with a key (i.e. your password).

    And only the most ardent defender of the mac faith gives a c***. For 95%+ of users, the most critical files on the computer are not the 'system' files that need precious root access to do something with, it's your personal files. You sound like one of those people who'd be saying "Sure, that malware wiped all my data off my computer, but the system itself is secure!". Me, I'd be going "Damn! What happened to my files?!?!?!"

    Any script kiddie could write malware that wipes your whole drive after asking for a password. The real vulnerability is the stupidity of the people who are willing to give away that permission without inquiry.

    Since that doesn't apply here, not sure why you mention it. But any script kiddie can write software to erase your user folder without asking for your password.

  1. testudo

    Forum Regular

    Joined: Aug 2001

    +1

    More

    Personally, I rarely trust Java code.

    That's nice to hear. Then again, how do you know you're running Java code? And how many people even know how to turn off Java playing in Safari, or would think to do that?

    BTW, Safari still installs with the "Automatically Open safe files after downloading", which is about as unsafe an option as you can have in a browser.

    The real issue of controversy here is the social engineering done to disguise the malware installation.

    No, it is not! Since there is NO social engineering in this exploit. In case you missed it, you go to a web site, web site runs java app, you're infected. No prompts, no indications, no passwords. Nothing. And since the website can be infected itself, you can't just say "Don't go to 'malicious' web sites" like anyone knows what a malicious site is, anyway.

    People need to be aware that certain websites DO NOT just randomly put out Java updates.

    This was NOT an update to Java. It was a java app, which doesn't need permission to run, it just runs. And I would think NO web site randomly puts out a java update. But that's also not the point. Keep in mind, if the web site is hacked (as WordPress security holes have shown, it can be done), then all bets are off on where to go.

    Security needs to be first and foremost based on people's wariness of third-party software.

    Thanks for the input. And, again, I'll point out, this wasn't third-party software.

    In any case, Apple brought this upon themselves by not updating Java to protect their customers, but any worthy Mac user did not get this malware.

    Um, yes they did, since it didn't require anything to get it except to go to some web sites.

    And what is a 'worthy' mac user? I didn't realize there were unworthy ones. Maybe Apple should start forcing prospective owners to take a test. If they find they aren't worthy of owning a Mac, they'd be turned away. That way, Apple wouldn't have to worry about any type of security protection, because worthy mac users never get infected!
