Copyright © 2016
Tag - Flashback
The Flashback botnet -- a malware attack which first appeared in 2011 -- has been noted as being still a threat in 2014, according to Intego. Beginning January 2, Intego studied command and control domains, and its sinkhole servers recorded all connections from Macs where Flashback is still active, trying to contact the command and control servers. This research, as of Tuesday, counted 14,248 unique identifiers of Flashback variants.
The Java runtime environment has been updated for both OS X Snow Leopard 10.6.8, and OS X Lion 10.7.4. While Apple historically doesn't discuss specific security updates, this package updates Java to version 1.6.0_33. All previous security fixes are included, such as the Flashback removal tool and automatic disabling of the Java plugin when it has been idle for 35 days.
After possibly infecting up to 1.8 percent of the Macintosh population with a click-fraud macro through a Java vulnerability, the Flashback creators won't get paid despite their efforts, reports Computerworld. Following a coordinated security effort between antivirus vendors and security experts, remote malicious orders were blocked or prevented from effecting an estimated peak 600,000 infected computers. Apple joined the fray late, but provided patches and a removal tool for the malware.
Apple has posted two separate security updates for OS X Leopard. The first, Leopard Security Update 2012-003, disables versions of Flash without the most recent security updates, and instead provides a method of getting the latest release from Adobe. Apple's update is 1.11MB and requires at least OS X 10.5.8.
The Java-exploiting malware OSX.Flashback.K variant has ceased to be a meaningful threat to Mac owners, and the number of infected Macs has dropped to one-sixth its high point in just over a week, reports utility vendor Symantec. The malware, which was the most successful attack thus far in the Mac world due to a slow updating of Java, was never much of an actual security threat but did manage to reach around one percent of installed base, a record for malware penetration.
Apple late Friday followed up its anti-Flashback Java update with its own dedicated Flashback removal tool. The tool finds the "most common variants" of the exploit and will either say if it found and pulled any variant. If needed, it will ask for a full reboot to wipe the malware entirely.
In response to the threat of the Flashback trojan, Norton has launched a free scan-and-removal tool. The utility follows remedies from both Kaspersky Labs and Apple, both which released their removal tools earlier this week. Apple's solution, which was released via Software Update, consisted of a Java update that was said to find and remove the "most common variants" of the trojan. The free utility weighs in at 0.6MB and can be downloaded from Norton's website.
Apple fulfilled promises of a cure for a rare Mac exploit on Thursday evening by posting another key Java update. Java for OS X 2012-003 for Lion owners, and Java for Mac OS X 10.6 Update 8, both actively remove the "most common variants" of Flashback. Loading the update automatically scans for Flashback and, if it's found, lets the user know that it was pulled.