Half A Million Mac Computers Infected With Flashback Trojan
It might be time for Mac users to actually worry about viruses. A Russian security company confirmed reports that about 600,000 Macs have been infected with the Flash Trojan.
Half of those infected are located in the U.S., including 274 in Cupertino, according to Tweets from Ivan Sorokin, a malware analyst at Russian antivirus company Dr. Web.
As BBC reports, Dr. Web said that once the Trojan was installed, it sends a message to the intruder's control server with a unique ID to identify the infected machine.
- "By introducing the code criminals are potentially able to control the machine," the firm's chief executive Boris Sharov told the BBC.
- "We stress the word potential as we have never seen any malicious activity since we hijacked the botnet to take it out of criminals' hands. However, we know people create viruses to get money.
- "The largest amounts of bots - based on the IP addresses we identified - are in the US, Canada, UK and Australia, so it appears to have targeted English-speaking people."
According to PC Magazine, Mac users do not have to download or even interact with the malware to become infected.
- Websites exploited a Java flaw that let Flashback.K download itself onto Macs without warning. It then asked users to supply an administrative password, but even without that password, the malware was already installed.
- ZDNet pointed out today that these attacks are designed to be quiet and go undetected, so the average Mac user might not know they've been hit. Security experts are suggesting that Mac users, particularly those on older versions of OS X, update their software as soon as possible.
- Apple has released a second patch Thursday to battle the Trojan, which exploited a Java flaw that dates back to February.
According to PC Magazine, Apple did not release a first patch to respond to the attack until eight weeks later, on April 3.
- As a result, approximately 550,000 Macs were infected, according to data released this week from anti-virus vendor Dr. Web.
Gizmodo provides easy steps on how to detect the trojan on a Mac here.
For the computer-savvy, F-Secure provides details on how to diagnose and fix the problem here.
Top virus hunters worldwide would like Apple to be more collaborative about defending the Internet against cybercriminals, reports USA Today.
- "This latest wave of infections is a wake-up call to Mac users that their system is not immune to threats," says Mike Geide, senior security researcher at Zscaler ThreatLabZ. "And the need to follow best security practices, such as remaining current with patches, is ubiquitous — it doesn't matter if you're using Windows, Mac, or even mobile phone."
- Lumension's Henry opines that "Apple still lacks any urgency in their patch release and in fact, users had to be lucky enough to have checked.
- "Simply put, if Apple wants to be taken seriously as an enterprise provider, they need to be more timely and candid about their patches," Henry continues. "How else will administrators understand the necessary sense of urgency to prioritize and deal with security issues?"
According to BBC, Apple could not provide a statement at the time they reported the story.