Mac Trojan Infects Over 600,000 Computers
If you’re one of the many who believe that Macs are shrouded in a protective shield that makes them impervious to attack, it might be time to shelve that incorrect, yet comforting notion.
In February, Russian antivirus provider Dr. Web was the first to report the Flashback Trojan affecting Mac computers. Fast-forward to March and reports estimated as many as 670,000 computers worldwide were infected.
A recent VentureBeat article described the attack:
The Flashback Trojan enters computers through infected websites. When a user visits the infected website, they are prompted to download a browser plug-in, such as Flash, in order to see more content. When they download the “plug-in,” the malware accesses a hole in Apple’s customized version of Java and thereby gain access to the computer.
This map, taken from Dr. Web, shows that over half of the infected computers were in the United States, with 274 reports from Cupertino, CA, where Apple is headquartered. Ninety-eight percent of the affected computers were running OS X. Apple has since patched this vulnerability. You can see if your computer is infected and, if necessary, get the Apple update here.
The Flashback Trojan is notable because it’s the first time in Apple’s history that an attack didn’t require some kind of phishing or social engineering scheme to work. The Flashback Trojan has actually been around since September 2011, though early versions required an admin password to launch.
While the Flashback Trojan targeted a Java vulnerability, a second variant of the Trojan, called Backdoor.OSX.SabPub.a (SabPub) or SX/Sabpab-A, attacks through Word docs that are attached to emails, which once downloaded and opened infects the computer. You can learn more about this variant here or here.
It’s likely that these are only the first of (probably many) future Mac Trojans. As Macs become increasingly more popular, so to will attacks of this sort. Here are some good computer and internet techniques to keep you and your Mac workstations protected.
- Always install the latest software and security updates.
- Turn Java and/or Flash off in your Web browser.
- Stay vigilant when visiting new websites or receiving software download requests or emails from senders you don’t know.
- And lastly, perhaps it’s time to consider Mac anti-virus.