Posted on 04/05/2012 8:45:23 AM PDT by null and void
An investigation by Dr Web suggests that about 600,000 Macs have the malware - potentially allowing them to be hijacked and used as a "botnet".
It says that more than half that number are in the US.
Flashback was first detected last September when anti-virus researchers flagged software masquerading itself as a Flash Player update. Once downloaded it deactivated some of the computer's security software.
Remote control
"By introducing the code criminals are potentially able to control the machine," the firm's chief executive Boris Sharov told the BBC.
"We stress the word potential as we have never seen any malicious activity since we hijacked the botnet to take it out of criminals' hands. However, we know people create viruses to get money.
"The largest amounts of bots - based on the IP addresses we identified - are in the US, Canada, UK and Australia, so it appears to have targeted English-speaking people."
Dr Web also notes that 274 of the infected computers it detected appeared to be located in Cupertino, California - home to Apple's headquarters.
Update wait
Apple released its own "security update" on Wednesday - more than eight weeks later. It can be triggered by clicking on the software update icon in the computer's system preferences panel.
The security firm F-Secure has also posted detailed instructions about how to confirm if a machine is infected and how to remove the Trojan.
Although Apple's system software limits the actions its computers can take without requesting their users' permission, some security analysts suggest this latest incident highlights the fact that the machines are not invulnerable.
"People used to say that Apple computers, unlike Windows PCs, can't ever be infected - but it's a myth," said Timur Tsoriev, an analyst at Kaspersky Lab.
Apple could not provide a statement at this time.
(Excerpt) Read more at bbc.co.uk ...
years of jack ass macbots saying install osx to fix user induced malware problems has done this too me. Thank them for their fine work.
It may not have stopped the infection if the trojan was good enough to trick you into using the admin name & PW but it does provide another level of security.
Regarding browsers, I'm not a Safari fan.
I've been using something called Rock Melt for about a month & I'm very happy with it so far.
Firefox had been the one I was using but I found it to be getting slow.
So, for THIRTEEN years, users of OSX SERVER and for ELEVEN YEARS Users of OSX client have enjoyed malware free surfing, creativity, game playing, and generally worry free computing.
But trolls like for-q-Clinton and his ilk still call us Macbots, zealots, and liars for extolling that experience to people who have used the alternative Microsoft Windows platform that chalked up over THREE MILLION discreet malware exploitation applications!
During that same time, our platform of choice, the Apple Mac OSX, garnered a mere seven failed proof-of-concept virus candidates, and 22 known Trojan horse applications, a whole two of which that will marginally install with only minimal user assistance!
And for-q-Clinton claims it is WE who need to be educated about choices, and we who need HIS help!
Frankly, from our perspective, HE is the one who has made abysmally bad security and computing choices for the past thirteen years!
If you want on or off the Mac Ping List, Freepmail me.
I have been checking the forums and if there are 600,000 infected Macs out there, they certainly aren't admitting it. I am not seeing it. Nor are the other security companies finding them. Only Doctor Web is claiming it. . . And that company is suspect. We've seen this kind of hype before. They have an anti-virus product to sell. . . One that is specifically designed to scan a website from Safari for malicious content BEFORE you actually navigate to it!
4Q & haters like him gotta hate.
Need I say more.
The long-understood point:
With a PC, you just attach it to a network and eventually (often just minutes) it will be infected.
With a Mac, the malware MUST bait the user into explicitly granting privileges.
BIG difference.
See what I mean dayglored? This is just beyond stupid. Even on a thread that proves what I’ve been saying all along we have idiots that think Macs are superior to the current version of Windows.
And they believe just having windows attached to a network will get it infected within minutes.
Ok, so only when the stories about windows having malware are they true. But when they are about Macs then your personal observation of OSX forums are the only proof you need.
That sounds fair and logical (for a democrat).
Can happen, has a long history of happening, and if not by “just attached for minutes” then by a host of other malware attack vectors.
That vs _one_ instance of Mac malware, which requires baiting the user into explicitly allowing administrator control, that you’re touting for “see? they’re beyond stupid!”
Get the plank out of your eye first.
>>>Need I say more.
no. you say the same crap all the time. obviously, I was wrong above. You don’t work at it, it’s natural for you to be a trolling wazoo aperture on the scale of Mt. Rushomre. Dude, you’re monumental!!!
Your trolling is akin to trashing Tiger Woods for missing a putt when you can’t finish a minigolf course without losing the ball.
Remind me again how many popular anti-virus programs there are for Windows? what their success rate is? vs. same products for Mac?
Occurs to me that iOS has zero malware so far...for how many devices running 24/7?
I'm very happy with OSX. I've been running it for close to a decade without AV & have had no malware issues.
Quite: we had to wait for Windows 7 to fix that problem? And still suffer endless malware attack vectors? And spend how much (both $$$ and CPU time) coping with the problem? Vs. near no malware (not zero, but close thereto) which is addressed by a free auto-installed patch from Apple. Funny how this dichotomy motivates trolls to come out declaring “you’re not perfect! Therefore you suck worse than what’s worse!” Weird.
Ok, show me one win7 malware that installs as soon as I plug it on the network. I will even take my windows 7 machine and browse to whatever site you like me to go to and see if I get infected.
Time to put up or shut up.
I didn't hee hee hee. But I know what you mean.
I've had generally unpleasant experiences with MSFT after MS-DOS 5.0.
I've had generally good experiences with Mac, and OSX which I have been using since Panther has been a dream.
You point this out and someone wants to flame you.
If someone says they've just love XP or Vista or 7, I don't argue with them.
OTOH, If someone says they are having issues with XP etc. I mention my pleasant experiences with Mac.
You ever notice that you don't see a lot of flame wars between Mac & Linux people?
Tried Firefox, Stainless.
Gonna give RockMelt a whirl
How about we first start the challenge with a Mac, out-of-the-box with no updates or extraneous anti-malware programs installed. You can plug it in and load software and visit sites however you like. Only caveat is you don't enter the administrator password without knowing it's for a legitimate purpose.
While stewing over that, you might want to peruse http://techlogon.com/2012/03/23/how-windows-gets-infected-by-malware/ and its discussion of "drive-by infections". And consider that the point of this thread is that ONE botnet has been discovered on Macs, while botnets on Windows doesn't even make news 'cuz there are so many.
See, the difference is that while maybe you're currently protected against drive-by infections, you'll have to keep escalating the defenses because the core design of Windows is susceptible to such attacks ... while OS X, at core, isn't.
None of my 3 macs were infected. 2 of the 3 (newer machines) don’t even have java installed on them. I think it’s much ado about nothing from the 600k number (reads like Obama-math to me) to how “vulnerable” Macs are.
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.