Estimated 600K Macs infected with Flashback malware


As many as 600,000 Mac computers could be infected with Flashback, a malware package designed to steal personal information. According to a report by Russian antivirus company Dr. Web, infected Macs were roped into a sophisticated botnet where additional executable files may be loaded.

The report has been confirmed by security vendor Kaspersky, which conducted its own research and concluded that more than 98 percent of affected computers were running Mac OS X. Just over 300,000 of the bots originate from the United States.

The Flashback malware makes use of a bug in Java and can infect a machine when the user simply visits a malicious website on a Mac OS X system with the vulnerable version of Java installed. Once a machine is infected, Flashback will also inject code into web browsers as well as user applications like Skype to harvest passwords and other such information.

Windows and Linux machines are also affected by this vulnerability, though Oracle quashed this bug with an update months ago. Apple (NASDAQ: AAPL) maintains Java for its own platform though, and only released a security update early last week, followed by a second security update last Friday. Ultimately, the company's lackluster posture on security updates afforded hackers a seven-week window in which to examine Oracle's earlier update and exploit the bug with Flashback.

The relatively low market share of Mac OS X means that it has historically not been a popular target of hackers and black hats. But the growing popularity of Mac and other Apple devices has resulted in hackers turning their sights on the Mac platform.

“Attackers are leveraging years of success from writing PC malware and they're doing the same thing in the Mac world,” said Dave Marcus, director of advanced research and threat intelligence at McAfee Labs, in an email message. Noting that the Flashback Trojan wasn't surprising, Marcus continued, “Cybercriminals will attack any operating system with valuable information, and as the popularity of Macs increase, so will attacks on the Mac platform.”

The advice? Users should take proper precautions to protect themselves, says Marcus, by ensuring that their security software and Apple patches are up to date.

For more:
- check out this article at CNET
- check out this article at eWeek
