Flashback Trojan Responsible for Nearly 600,000 Mac Attacks, and Counting

26

Comments

+ Add a Comment
avatar

trhl4589

mann if macs get viruses i dont trust a computer at all lol nah im jk but i dont trust macs unless it has donalds as the 2nd name lol jk

avatar

Engelsstaub

I checked it. Nothing...per usual. Checked seven other people's Macs...nothing.

I stopped using AV on my Mac because the probability of me getting a trojan on my Mac (WITHOUT AV) is still exponentially lesser than me getting one on my Win PC (WITH ANY AV.)

Is Doctor Web selling some Macintosh AV product too now? Can't wait for the Linux edition considering an "alarming" number of Linux boxes are also completely infected.

A Mac trojan is so rare it's big news. Especially to certain people who just can't wait for users to get even two of the hundred thousand viruses they are susceptible to.

I see some of you are still perpetuating that Market Share Myth again. Tell yourselves whatever you must to sleep better at night. There are enough Macs in use right now to make it worth anyone's time to write malware for the platform. ...and yet you still get this: BIG NEWS when there's something out there that can infect a Mac. (Which can be quickly found and removed through a few Terminal commands.)

avatar

Paul_Lilly

FWIW, there's at least one other source claiming to have confirmed the infection rate of this particular virus, that source being Kaspersky (see here). Obviously Kaspersky has a vested interest here as well, but I wouldn't consider their research a conflict of interest.

avatar

Engelsstaub

Yes, you're right.

I'm surprised I read about this on MPC first. I'm so used to being skeptical (and sometimes giving you guys a little grief) that I started thinking "who the heck is Doctor Web?)

Between Kaspersky and Ars Technica I think I sobered up a bit. Thanks.

avatar

deliciousapple

I had a strange thing happening yesterday on my Mac: suddenly like a grey curtain slowly descended on the screen and then the systen crashed... never happened before. Then I had a report to be sent to Apple???? I took a picture of it but didn't press the send button. How can I check if there is a virus or trojan or whatever on my Mac?

avatar

Engelsstaub

Sounds like a regular crash, dude. What you're describing is what happened a few times to me while running a guest OS in VirtualBox and gave it too much CPU. This is the only way I've ever crashed a Mac to date. (...but it's happened more than once.)

If you're looking for the trojan that the author is talking about just follow these instructions (Apple may have already updated it but it won't hurt to look anyway.) It's easier for me to link you to the sister publication Mac|Life. They guide you through it here:

http://www.maclife.com/article/news/600000_mac_users_afflicted_flashback_trojan_are_you_one_them#comment-99354

I run a "passive" AV scanner on mine from Kaspersky. It's only $10 USD in the Mac App Store. There's some free solutions there as well. I saw one from Bit Defender that was free. There's also ClamXav which is a free active scanner. Those are ones I personally recommend FWIW. Just type "virus" into the search and you'll find some alternatives. (You already know how I feel about real-time AV on OS X, but only you know what's right for you.)

...but I believe you just had a regular crash. Just like a Windows BSOD. That Mac|Life article has concise instructions on how to find this particular trojan though.

EDIT: there's actually an even more thorough article on Ars:

http://arstechnica.com/apple/news/2012/04/how-to-check-forand-get-rid-ofa-mac-flashback-infection.ars

avatar

Wingzero_x

Nothing here either. However I did detect the usual annual BS about how "the security experts" have found the gaping hole in OSX that will bring doom upon mankind.

Also something to point out beyond the fact that this is pretty easy to detect and remove. This is not a result of OSX vulnerabilities but bad programming on Oracle's part.

avatar

Engelsstaub

I kind of detected that too. :D

I'm wondering if paid AV companies are just feeling the hurt of Microsoft Security Essentials taking away from their "Sucker Tax" profits and are now trying to drum up some scare for potential new markets.

Ever notice these "experts for profit" never play this with Linux users? Some of these "Ha, ha!" Windows guys keep talking that Market Share Myth... wouldn't you think authors of malware would want to target an OS that runs 60% or more of the world's servers? I think they pull this with Mac users because (I must fairly admit) many of them don't know nearly as much about their platform as a typical Linux user. (Same as most Windows users, though generally not the type of people who read MPC.)

avatar

scoop6274

As a Windows and Linux user, I have never understood the draw of Apple products. Too closed down, too locked out. But, if Apple is what you like, than Apple is what you should have, your choice. But please, please, please don't give me the run around that Mac's don't get viri/trojans/malware/spyware, etc. All O/S's have their faults, their flaws and their security risks. Yes, OSX, Linux, Windows (we know), Solaris, BSD, etc.

Your argument about attacking Linux that runs "60% or more of the world's servers" is weak. If I'm writing a virus/trojan/etc, why would I write one for servers where arguably some of the smartest IT people work. Server administrators are generally proactive and monitor their systems quite closely (at least the ones I know do, and if others don't they should probably be fired). An infection on a server would likely be picked up quickly and shut down.

Yet, if I write an infection for the average computer user (Mac, PC, Linux, whatev) who clicks on whatever is put in front of them and installs things willy nilly, my infection is more likely to succeed. Also, if I can write an infection that infects the end user, who then connects to the servers, I'll likely have information from both the end user and the server and I'll likely gather that information for much longer and spread much faster because 90% (or more) of end users are oblivious (Mac and PC) vs. the server admin who likely knows better.

To be honest, I don't follow the viri, trojans, malware, spyware news closely because I am concerned about my machines. I am careful, run a quality AV, don't open suspicious emails (even from friends) and don't download stuff without much research. I follow this information so I know how to help fix friends and families computers when they come to me with an issue.

Mac users can delude themselves as long as they want, but the fact is someone will exploit a vulnerability in your precious operating system and Mac's will get infected. It will happen (whether it is a market share thing or not). Take a page from Linux users and be proactive, many are talking about, and using some form of AV. Many understand that Linux is not invulnerable.

avatar

Engelsstaub

I don't believe Macs are invulnerable.

My thoughts about Linux servers was somewhere along the lines of someone wanting to wreak immediate havoc on something critical. I know Linux people and IT would be on top of it fast.

...your points are good and I appreciate them and will think about them. I actually use Linux, Windows, and Mac. All for diff't things. But yeah, OS X is my primary OS at the mo.

avatar

scoop6274

my apologies, while I stand by my points, my intention wasn't to come across in a confrontational tone. I especially didn't mean to refer to you in regards to Macs being invulnerable. However the Mac users I know personally seem to think that Macs ARE invulnerable and regularly flaunt this falacy. So, I often take some form of pleasure when this type of news comes out. :-)

avatar

Engelsstaub

It's cool. At the end of the day we're all computer enthusiasts here :)

avatar

Baer

Their forums are full of stuff that they seem to want to keep under cover, such as the significant issues that the new iPad is having with WiFi. The apple-kiddie trolls badmouth those that complain too much and some of the complaining posts seem to mysteriously disappear after a little while. Look at the Apple forums and see for yourself. Also Apples never crash, they just lock up and you blame yourself and restart them. No annoying blue screen to hurt your feelings by telling you there has been a crash, just a simple and non-threatening lock up. Sweet, just restart, nothing to see here, move along!
As for this Trojan, there have been lots more but Apple kiddies hush them up, after all, it is patriotic to keep Apples false reputation of being infallible intact. The more people that buy Macs the more malware that will be aimed at them. After alll, no one wants to rob a bank with no money

avatar

win7fanboi

I believe it... when Microsoft releases it's patches, they list the thing they are supposed to fix. Not Apple from what I have heard.

avatar

nadako

I was there was a like button these comments are amazingly funny.

avatar

oldobamaliar

everyone that uses a mac has a virus called stupidity

avatar

OccultAssassin

Obviously intelligent posting is not your better characteristic so I guess resorting to trolling is your plea of desperation.

avatar

noobstix

I wonder what happens when Macs get viruses. Do they get annoying pop-ups or maybe some "fatal" error messages?

avatar

Strayz

It is not a Virus, it is an undocumented "Feature"

avatar

Zoandar

It seems I recall, perhaps a decade or two ago, that ANY Java coding was regarded as bad or dangerous, and the general advice given by AV pundits was to avoid Java entirely. What, exactly, changed to the point where we are all using it these days?? Somehow it got turned around to appear to be "good". Once again it seems to be potentially evil. Yet many websites and mini-apps rely on it. Hard to know what to do.

avatar

win7fanboi

+1... java and adobe product usually compete for the #1 virus vector spot. People have started to take software for granted and go with the lowest bidder...

avatar

Shalbatana

They've been resting on their high horse so long, I wonder if they're even really set up to deal with such threats adequately. With good there is always some bad.

PCs have been dealing with viruses for so long I often get a patch before I even knew a threat was out there. With bad, there is always some good.

Maybe we should just switch to linux, where there is good and um, bad.

avatar

win7fanboi

but... but... macs don't get viruses....

avatar

kristie

A trojan is not a virus.

avatar

trhl4589

trojan is a condom lol

avatar

Engelsstaub

Don't bother, kristie. Trust me.

Log in to MaximumPC directly or log in using Facebook

Forgot your username or password?
Click here for help.

Login with Facebook
Log in using Facebook to share comments and articles easily with your Facebook feed.