Skip to comments.
Fast-growing Flashback Botnet Includes Over 600,000 Macs, Malware Experts Say
PCWorld ^
| Apr 5, 2012
| Lucian Constantin
Posted on 04/05/2012 5:45:29 AM PDT by iowamark
click here to read article
Navigation: use the links below to view more comments.
first 1-20, 21-28 next last
1
posted on
04/05/2012 5:45:37 AM PDT
by
iowamark
To: iowamark
That is impossible: the Mac is unsinkable.
2
posted on
04/05/2012 5:54:43 AM PDT
by
Mr Ramsbotham
(Laws against sodomy are honored in the breech.)
To: iowamark
3
posted on
04/05/2012 6:03:03 AM PDT
by
ColoCdn
(Neco eos omnes, Deus suos agnoset)
To: Mr Ramsbotham
600,000 systems infected is nothing alongside 60,000,000 users who will have to think twice before posting the ‘Get a Mac’ line on every computer thread.
4
posted on
04/05/2012 6:06:52 AM PDT
by
relictele
(We are officially OUT of other people's money!)
To: Mr Ramsbotham
Must be the reason neither Flash nor Java Runtime are installed in OS X Lion by default. They are both ‘ports of entry’ for viruses.
5
posted on
04/05/2012 6:10:31 AM PDT
by
6SJ7
(Meh.)
To: Mr Ramsbotham
That's getting old.
if you put java on it, you get your problem. So the issue is java. I suppose that too fine a point for most to bother with.
To: 6SJ7
Java developers are obnoxious, and I’d attribute the problem to that.
To: the invisib1e hand
Ditto on both of your posts.
8
posted on
04/05/2012 7:11:39 AM PDT
by
RJS1950
(The democrats are the "enemies foreign and domestic" cited in the federal oath)
To: Mr Ramsbotham
You mean it’s not? </sarc>
9
posted on
04/05/2012 7:11:59 AM PDT
by
Carriage Hill
(I'd vote for a "orange juice can", before 0bummer&HisRegimeFromHell, gets another 4yrs. Can-> later.)
To: the invisib1e hand
if you put java on it, you get your problem.
So "the sandbox" leaks?
10
posted on
04/05/2012 7:13:57 AM PDT
by
BikerJoe
To: Mr Ramsbotham
That is impossible: the Mac is unsinkable.That line of thought is the equivalent of spending $9.99 for after market tires for your Ford Explorer and then blaming Ford for the blowout you get on the highway.
11
posted on
04/05/2012 8:33:04 AM PDT
by
MarkL
(Do I really look like a guy with a plan?)
To: MarkL
That line of thought is the equivalent of spending $9.99 for after market tires for your Ford Explorer and then blaming Ford for the blowout you get on the highway. It would be if I really meant it.
12
posted on
04/05/2012 8:37:46 AM PDT
by
Mr Ramsbotham
(Laws against sodomy are honored in the breech.)
To: iowamark
13
posted on
04/05/2012 9:40:26 AM PDT
by
VeniVidiVici
(The Democrat Ku Klux Klan is alive and well as the New Black Panthers, CBC and the NAACP)
To: iowamark
Macs are perfect. Deal with it.
14
posted on
04/05/2012 9:55:06 AM PDT
by
Fresh Wind
('People have got to know whether or not their president is a crook.' Richard M. Nixon)
To: iowamark; ~Kim4VRWC's~; 1234; Abundy; Action-America; acoulterfan; AFreeBird; Airwinger; Aliska; ...
An obscure Russian "computer security" company (that sells a Safari anti-virus checker) claims 600,000 Macs, most in the US and Canada, are infected by the FLASHBACK trojan botnet.PING! No other companies corroborate this claim... nor does it make sense. . . since this can install only on Macs that have an OPTIONAL install of the Java runtime library applet, not FLASH. The Trojan itself has been found on only a small number of obscure websites... and to infect such a large number of Macs, all of which would have to be running an older install of OSX (Leopard or older), it would have to be found on numerous popular and frequently visited websites! It simply is not on such websites that Mac users would frequent. Here is a list of the example websites Doctor Web says they found the malware that would infect Macs:
godofwar3.rr.nu
ironmanvideo.rr.nu
killaoftime.rr.nu
gangstasparadise.rr.nu
mystreamvideo.rr.nu
bestustreamtv.rr.nu
ustreambesttv.rr.nu
ustreamtvonline.rr.nu
ustream-tv.rr.nu
ustream.rr.nu
I don't find THOSE websites to be the type that Mac users would visit!
The rate of infection this company was reporting smacks of the kind we saw with viral infections, not Trojan installations.
In addition, Apple pushed out a patch for Java that fixed this variation of the Flashback vulnerability early Tuesday morning... and since even OSX Leopard Macs are updating their malware definition files daily, I find it even more unlikely that this story is credible.
Does this trojan exist? Yes. Is it in the wild? Yes. It is one of the 20-22 known OSX trojan horse applications out there now... that the OSX system will prevent from being downloaded or installed without the user over-riding the built-in protections. Has it infected 600,000 Macs and made them into a botnet? I highly doubt it.
Frankly, it sounds like FUD to me.
Apple Security Ping!
Please, No Flame Wars!
Discuss technical issues, software, and hardware.
Don't attack people!
Don't respond to the Anti-Apple Thread Trolls!
PLEASE IGNORE THEM!!!
If you want on or off the Mac Ping List, Freepmail me.
To: All
Apple HAS pushed out another JAVA update... This one listed as 2012-002 today. It repairs some issues, unrelated to security, with the one released earlier as 2012-001.
To: All
I have been searching forums... and so far, none of the 600,000 infected have reported they have been infected. Strange, don’t you think? It’s easy to check for and remove this infection, but no one is finding it.
To: Swordmaker
18
posted on
04/05/2012 11:40:38 PM PDT
by
iowamark
(The fault, dear Brutus, is not in our stars, But in ourselves)
Comment #19 Removed by Moderator
To: Swordmaker
Its easy to check for and remove this infection, but no one is finding it.
I know of two people who have found the trojan, both were found because Little Snitch was blocking a connection from .rserv to cuojshtbohnt.com.
Apple Discussion Forums has a thread detailing exactly what they were experiencing. I walked one of them through removing it, and if I understand the Apple discussions correctly, the fact that they had Little Snitch installed and they properly blocked it, it did no harm. As a matter of fact, it may have deleted part of itself when it detected Little Snitch from what some are saying, but that seems odd since Little Snitch blocked it in the first place.
It pisses me off to hear people talking about this as if it's a virus. It's a trojan and there is a huge difference. And both of the people I know who got it, they have teenagers and I'm pretty sure they don't monitor their kids' internet usage (don't get me started).
Navigation: use the links below to view more comments.
first 1-20, 21-28 next last
Disclaimer:
Opinions posted on Free Republic are those of the individual
posters and do not necessarily represent the opinion of Free Republic or its
management. All materials posted herein are protected by copyright law and the
exemption for fair use of copyrighted works.
FreeRepublic.com is powered by software copyright 2000-2008 John Robinson