The pristine image of Macs was shattered recently by the Flashback Trojan that had infected 650,000 machines and now researchers have discovered two other variants of the Trojan that could potentially infect even more Mac computers. One is a variant of the Backdoor.OSX.SabPub.a, or simply SabPub, that also exploits a Java vulnerability, while the other attacks via Microsoft Word documents.
Apple has already delivered one Flashback malware removal option for Mac users, and now the company has released a second clean-up tool for those who don't have Java installed on their systems. The new Flashback malware removal tool (DL1517) is intended for users of OS X 10.7 Lion who, for one reason or another, are avoiding Java altogether; like its predecessors, it scans for the most common variants of the malware and, if discovered, removes them.
This week Apple has sent out an update to all Mac computers using OS X Lion that will instantly fix any and all common instances of the Flashback malware discovered this month. This update is extremely easy for you Lion users to download and install, as all you need is a couple of point and clicks to make it happen. This update goes by the name of Java for OS X Lion 2012-003 and will also bring you Java SE 6 version 1.6.0_31.
Apple computers have recently been hit by the Mac Flashback trojan, the first attack on Macs that does not require any social engineering or phishing schemes. Kaspersky confirmed that the Flashback, or what it calls the Flashfake, botnet has infected 670,000 computers worldwide and the security firm is now releasing a free detection and removal tool.
For a long time hackers and nefarious sorts left Mac computers alone for the most part when it came to malware and viruses. It was easier to aim for Windows since the majority of people used it. With the increasing popularity of Mac computers, more and more viruses and malware have been discovered aimed at the Apple machines. The latest malware search affecting Mac users is the Flashback malware.
A second antivirus company has confirmed the extent of the Flashback malware infestation of Macs, supporting the claims made last week by Russian firm Dr. Web, which estimated more than 600,000 systems being compromised by the growing botnet. Dr. Web offered a free tool for Mac users to check their systems and found that of those who did, nearly 2% were infected. For perspective, the massive Conficker attack on PCs back in 2008 infected 4% to 5% of Windows systems during its peak.
Apple has released a second Java update as it attempts to block the Flashback trojan threatening Mac users. The second version, spotted by security firm Intego, is listed as "Java for OS X 2012-002" - its predecessor, pushed out earlier this week, was 2012-001 - and is only for OS X Lion 10.7 machines, rather than for Snow Leopard and Lion as before.
Detailed instructions on how to figure out if your Mac is one of the 600,000+ to have been infected by the Flashback trojan have been released, allowing cautious users to check their systems. The guide, published by security firm F-Secure, details not only how to identify a compromised machine, but how to remove manually remove the trojan from OS X. More details after the cut.
Microsoft launched a surprise raid on botnet operators late last week, it's been revealed, though experts suggest the strike against Zeus may deliver only very short-term gains. The company seized servers, domain names and other evidence from two offices in Pennsylvania and Illinois on Friday, March 23, the NYTimes reports, challenging those who harvest credit card and other personal data from unwitting internet users - as well as potentially turning their PCs into DDOS weapons - rather than waiting for federal agencies to get into gear.