Over 600,000 Apple Macs suffer from flashbacks

by Alistair Lowe on 5 April 2012, 10:10

Tags: Apple (NASDAQ:AAPL)

Quick Link: HEXUS.net/qabesr

Add to My Vault: x

First spotted back in 2011, the Flashback trojan and its variants have been aggressively infecting Apple's Macs around the globe, with, according to Russian anti-virus firm, Dr. Web, over 600,000 Macs now carrying the malware.

Flashback infects computers through unpatched versions of Java and its spread has been encouraged by a delay in security fixes filtering down from Apple to the end-consumer, with the latest exploit being fixed by Oracle back in February, only to reach Mac owners this week.

Flashback spreads through the web, infected computers have their browsers modified, where they begin to inject script into web-pages. Anyone who is on the web with an unpatched version of Java is at risk. Some variants of Flashback look to steal passwords, others shut down what little malware protection Mac OS has, whilst others may cause crashing.

Over half of infected Macs are located in the US, however 12.8 per cent of infections are on UK-based Macs. We recommend that Mac users run or install anti-virus to detect the trojan, ensure that their Java is up-to-date or remove it all-together.



HEXUS Forums :: 20 Comments

Login with Forum Account

Don't have an account? Register today!
“whilst others may cause crashing”

They've got some pretty stiff competition from Apple's own software on that front… Bloody slow, overpriced, unstable macs!
This article can't be right. Macs don't get malware? At least that's what my friends keep telling me. (Living in a house with three Macbooks, and next door has two)
Yeah this must be a fake Macs are invincible!! :P
It's still too small a market share for all the malwarez folk to focus on, the ones that do probably do well, but it's the phones I would start to worry about!

brasc
I know the article says that this is a Java-based browser exploit for Macs, but is it specifically targeting Safari? Reason I'm asking is that if this is a browser-independent exploit then I'm wondering if other platforms (in my case specifically Windows and Linux) would also be susceptible.
Most likely yes, but my guess is that most windows machines have AVs to catch the trojan itself, so don't infect them?

brasc