We use cookies to provide you with a better experience. If you continue to use this site, we'll assume you're happy with this. Alternatively, click here to find out how to manage these cookies

hide cookie message
Flashback Trojan infects over 600,000 Macs

Flashback Trojan infects over 600,000 Macs

Russian antivirus firm says majority of bots in North America

Article comments

Despite Apple releasing a patch for Java, the Flashback Trojan has infected 600,000 Macs, according to reports. As a result, there are 600,000 Macs being remotely controlled by the growing Mac botnet, according to Russian antivirus company Dr. Web

The majority of the botnet computers are located in the United States and Canada, according to Dr. Web. The company says: "This once again refutes claims by some experts that there are no cyber-threats to Mac OS X."

According to Dr. Web, systems get infected with BackDoor.Flashback.39 after a user is redirected to a bogus site from a compromised resource or via a traffic distribution system. JavaScript code is used to load a Java applet containing an exploit.

"Attackers began to exploit CVE-2011-3544 and CVE-2008-5353 vulnerabilities to spread malware in February 2012, and after March 16 they switched to another exploit (CVE-2012-0507). The vulnerability has been closed by Apple only on April 3 2012," writes Dr. Web on their website. More information about the Mac botnet is available here.

Apple released the patch a day after reports spread about a Java-based Trojan horse that could install itself on your Mac without requiring that you enter a password. Apple released Java for OS X Lion 2012-001 and Java for Mac OS X 10.6 Update 7, and if you haven’t yet installed it, you should.

Flashback is a Mac Trojan horse that’s been in the public eye since it was uncovered by security firm Intego last year. The recent update saw it gain the ability to infect your computer from little more than a visit to a website.

Originally, Flashback masqueraded as an installer for Adobe’s Flash Player, hence the name, but the malware has changed tacks at last once since then, instead pretending to be a Mac software update or a Java updater.

Share:

Comments

Advertisement
Advertisement
Send to a friend

Email this article to a friend or colleague:


PLEASE NOTE: Your name is used only to let the recipient know who sent the story, and in case of transmission error. Both your name and the recipient's name and address will not be used for any other purpose.


ComputerworldUK Knowledge Vault

ComputerworldUK
Share
x
Open
* *