So much for Macs being relatively safe against malware attacks. That idea took a punch to the stomach this week when the news broke about the Flashback trojan affecting more than half a million Macs worldwide. According to Russian anti-virus company Doctor Web, the botnet is present on more than
550,000 (natch, it’s 600,000) Apple computers across the globe (mostly in the U.S. and Canada).
Flashback is essentially the malware equivalent of a smash-and-grab thief. Exploiting a Java vulnerability, the code installs and runs when the user visits a compromised or malicious website, intercepting private data, like passwords, and sending it back out over the internet. According to Doctor Web, sources claim that “links to more than four million compromised web-pages could be found on a Google SERP [search results] at the end of March. In addition, some posts on Apple user forums described cases of infection by [the latest variant] BackDoor.Flashback.39 when visiting dlink.com.”
Like its predecessors, BackDoor.Flashback.39 won’t work if there are antivirus programs installed. But considering how many users are affected by this, it’s pretty safe to say that there are an awful lot of Mac users out there going without. If you’re one of them, you can find out if you have the Flashback trojan and remove any malicious files associated with it: Security firm F-Secure has a set of instructions for people who are comfortable executing command lines via Terminal. Or if you’re not, you could download some automated scripts culled by CNN.
In addition, Apple patched the hole via software update this week. Actually, it pushed out two updates — Java for OS X 2012-001 on Tuesday, and version 2012-002 just this morning. It’s not clear what the difference is between the two, since they point to the same info page, but suffice it to say that the company plugged up the holes and blocked the Flashback virus (at least for now). So if you haven’t updated your Mac recently, you’ll want to hop on that. If you’re running Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7.3 and Lion Server v10.7.3, be sure to hit up Software Update in your System Preferences.
[via Ars Technica]