Over 16,514,251 people are on fubar.
What are you waiting for?

Over 600,000 Macs infected with Flashback Trojan

By Emil Protalinski | April 4, 2012, 8:56pm PDT

Summary: The Flashback Trojan botnet reportedly controls over 600,000 Macs. Thankfully, Apple yesterday released a patch for Java, which the Trojan exploits, so make sure you install it.

Two months ago, a new variant of the Flashback Trojan started exploiting a security hole in Javato silently infect Mac OS X machines. Apple has since patched Java, but this was only yesterday. As of today, more than 600,000 Macs are currently infected with the Flashback Trojan, which steals your user names and passwords to popular websites by monitoring your network traffic.

Russian antivirus company Dr. Web first reported today that 550,000 Macs were being controlled by the growing Mac botnet. Later in the day though, Dr. Web malware analyst Sorokin Ivanannounced on Twitter (via Ars Technica) that the number of Macs infected with Flashback had increased to over 600,000:

@mikko, at this moment botnet Flashback over 600k, include 274 bots from Cupertino and special for you Mikko - 285 from Finland

As you can see in the screenshot above, Dr. Web says 56.6 percent of the infected Macs are located in the U.S., 19.8 percent are in Canada, and 12.8 percent are in the U.K.

Flashback was initially discovered in September 2011 masquerading as a fake Adobe Flash Player installer. A month later, a variant that disables Mac OS X antivirus signatures updates was spotted in the wild.

In the past few months, Flashback has evolved to exploiting Java vulnerabilities. This means it doesn’t require any user intervention if Java has not been patched on your Mac: all you have to do is visit a malicious website, and the malware will be automatically downloaded and installed.

Another variant spotted last month asks for administrative privileges, but it does not require them. If you give it permission, it will install itself into the Applications folder where it will silently hook itself into Firefox and Safari, and launch whenever you open one of the two browsers. If you don’t give it permission, it will install itself to the user accounts folder, where it can run in a more global manner, launching itself whenever any application is launched, but where it can also more easily detected.

You can grab the new version of Java that patches the security hole in question from Apple here:Java for Mac OS X 10.5 Update 6Java for Mac OS X 10.6 Update 7 and Java for OS X Lion 2012-001. Additionally, F-Secure has instructions on how to remove this malware if you think your Mac may already be infected.

http://www.zdnet.com/blog/security/over-600000-macs-infected-with-flashback-trojan/11345?tag=nl.e540

Leave a comment!
html comments NOT enabled!
NOTE: If you post content that is offensive, adult, or NSFW (Not Safe For Work), your account will be deleted.[?]

giphy icon
last post
11 years ago
posts
5
views
2,881
can view
everyone
can comment
everyone
atom/rss

other blogs by this author

 11 years ago
Guyz n' Dollz
blogroll (list of blogs that the blogger recommends)
12 years ago 
The Good, The Bad, and The ... by Ninja  
9 years ago 
Ask the Ninja by Ninja  
1 year ago 
Real Fu-Kin Life. by Johnnydevil  
13 years ago 
Grrrrrrrrrrrrrrr and stuff by Ninja  
9 years ago 
Cooking with Ninja by Ninja  
12 years ago 
help-tips by 1334117  
official fubar blogs
 8 years ago
fubar news by babyjesus  
 13 years ago
fubar.com ideas! by babyjesus  
 10 years ago
fubar'd Official Wishli... by SCRAPPER  
 10 years ago
Word of Esix by esixfiddy  

discover blogs on fubar

blog.php' rendered in 0.0625 seconds on machine '194'.