toggle

AAPL Stock: 111.78 ( -0.87 )

Printed from http://www.macnn.com

Flashback.K-infected Macs dropping rapidly, Symantec finds

updated 03:00 am EDT, Wed April 18, 2012

Now under 100,000 units, falling fast

The Java-exploiting malware OSX.Flashback.K variant has ceased to be a meaningful threat to Mac owners, and the number of infected Macs has dropped to one-sixth its high point in just over a week, reports utility vendor Symantec. The malware, which was the most successful attack thus far in the Mac world due to a slow updating of Java, was never much of an actual security threat but did manage to reach around one percent of installed base, a record for malware penetration.

A number of factors have played a role in reversing the malware's course, primarily some quick action from Apple once the Trojan's infection rate began to rapidly increase. In part, however, Apple's lethargy in pushing out an update to Java (Oracle had corrected the flaw about six weeks earlier) is at least partially why the malware was so successful in the first place.

Still, the company was finally roused to become aggressive about the problem, and quickly posted three slightly-revised updates to Java as well as its own detection and removal tool, including a version for Lion users who hadn't installed Java. It also went after servers that the malware was attempting to reach, asking authorities for help in shutting down suspect servers.

Symantec says that the number of still-infected Macs is estimated to be under 100,000, which it measures through attempts to contact the disabled command-and-control servers that had hoped to employ exploited Macs in a "botnet" to search for identity information and send it to external sources. The servers were very quickly identified and disabled thanks to early efforts by authorities and anti-virus companies who have experience dealing with previous Flashback variants.

The vulnerabilities that were exploited by Flashback have now also been seen in Microsoft Word documents and a new variation of the Flashback exploit called Sabpab, but these are considered to be extremely minor and diminishing threats. The primary danger is from older Macs still in service that cannot update to the latest versions of Java. Users of those OS X versions are recommended to disable Java entirely.








by MacNN Staff

POST TOOLS:

TAGS :

toggle

Comments

  1. Blairmc

    Joined: Dec 1969

    0

    Ammunition

    For the haters

  1. DaJoNel

    Joined: Dec 1969

    +7

    What haters?

    It is undeniable that OS X is penetrable, however any critics must realize that all security issues rely on 3rd-party, outdated software that is really not under Apple's control. Not only that, but in just a few days, the malware is nearly abolished due to Apple's quick response. OS X still prevails!

  1. testudo

    Joined: Dec 1969

    -2

    Re: What haters?

    It is undeniable that OS X is penetrable, however any critics must realize that all security issues rely on 3rd-party, outdated software that is really not under Apple's control.

    Apple releases updates when it feels like it, Java is under their control as they still release it with Snow Leopard (only in Lion did they 'remove' it).

    Not only that, but in just a few days, the malware is nearly abolished due to Apple's quick response. OS X still prevails!

    What 'quick response'? This malware has been out there for WEEKS, not days. Apple only recently released patches for it, and a remover. And only for some variants of their OS.

    And this is the 'K' variant of this malware. Where was apple's quick response to A-J?

    Apple only releases an update to the latest version of their OS and one generation back. And then, they only release patches that will work off the latest released update to that. So, if you're running 10.6.7 because 10.6.8 broke something, or 10.7.1 because of the same reason, you don't get the fix.

Login Here

Not a member of the MacNN forums? Register now for free.

toggle

Network Headlines

toggle

Most Popular

MacNN Sponsor

Recent Reviews

Dell AD211 Bluetooth speaker

For all of the high-priced, over-engineered Bluetooth speakers in the electronics market, there is still room for mass-market solution ...

VisionTek 128GB USB Pocket SSD

USB flash drives dealt the death blow to both the floppy and Zip drives. While still faster than either of the old removable media, sp ...

Kodak PixPro SL10 Smart Lens Camera

Smartphone imagery still widely varies. Large Megapixel counts don't make for a good image, and the optics in some devices are lackin ...

toggle

Most Commented