TechSpot

More than 600,000 Macs infected with Flashback Trojan downloader

By Leeky
Apr 5, 2012
Post New Reply
  1. Investigations by Russian antivirus firm Dr. Web have concluded that more than 600,000 Mac computers are currently infected by the new strain of Flashback Trojan, with a massive 56.6% of…

    Read the whole story
     
  2. bielius

    bielius TS Booster Posts: 228   +14

    That's a lot, but they can't compare to PC's yet :(
     
  3. SalaSSin

    SalaSSin TS Member Posts: 95   +30

    Queue someone laughing with the "no viruses for Mac" adagio...

    Wait, i just did it...
     
  4. Sunny87

    Sunny87 TS Enthusiast Posts: 120   +11

    I haven't been infected thank you ClamXav and well done to my lack of ignorance enabling Mac OS X built in firewall, lets be honest here though this is not the first time Java has been under this sort of publicity, I also believe there was a similar thing with flash, and thats why ladies and gentle men I have moved on from making websites with flash HTML5 ftw!
     
  5. TechM633

    TechM633 TS Rookie Posts: 33

    I cant wait to watch Apple and it's isheep followers explain this one away.....LOL!!
     
  6. Sunny87

    Sunny87 TS Enthusiast Posts: 120   +11

    They won't they will turn it on other brands, they will now use the excuse of "Well now we are getting more popular"

    If I remember rightly there was an iPod virus a few years ago, all of that got shoved to Microsoft (tbh Apple was the carrier of the virus, it didn't do anything until you plugged it into a Microsoft computer and it infected millions of other portable storage devices around the world)

    And I will say I think lots of the Apple fanboys that where so ignorant to the virus thing are dying off or keeping very quite these days, I worked with a contractor in a school when we where fitting Mac Os X into the music department, and I asked him he's views on viruses and I stated about if they where more popular that they would be getting attacked more and because I wanted to install antivirus software across the network, and he's response to this was "Mac's getting viruses is and always will be a myth" I wonder where he is now?
     
  7. quote: ""Queue someone laughing with the "no viruses for Mac" adagio...""

    This is just urban myth that died out in the early 2000's . And the people that do say it are just silly. Its good thing that windows has no silly users.
     
  8. quote: ""They won't they will turn it on other brands, they will now use the excuse of "Well now we are getting more popular"""

    are you saying they are getting malware now because they are NOT getting more popular? True reasons are never excuses but rather reasons.
     
  9. NTAPRO

    NTAPRO TS Enthusiast Posts: 811   +91

    Of course the US would have the highest percentage :(
     
  10. Sunny87

    Sunny87 TS Enthusiast Posts: 120   +11

    I think there getting them because groups that make viruses want to be the ones that did, I'm not one to be saying anything about popularity as I simply don't know what the figures are on the amount of users from one system to the next, I'm just speculating on what might happen or be said.
     
  11. Not really surprising as the Mac people don't think they can get viruses, since they have been told that. If you can't get them, no need to protect your computer, no protection means you are more likely to get something.
     
     
  12. SNGX1275

    SNGX1275 TS Forces Special Posts: 12,552   +301

    For those that have a Mac and didn't click through on instructions to see if you are infected, I'll put how here. Open Terminal and copy paste.

    defaults read /Applications/Safari.app/Contents/Info LSEnvironment

    If that comes back with "The domain/default pair of (/Applications/Safari.app/Contents/Info, LSEnvironment) does not exist" then copy paste this in Terminal:

    defaults read ~/.MacOSX/environment DYLD_INSERT_LIBRARIES

    If that comes back with "The domain/default pair of (/Users/YourUserName/.MacOSX/environment, DYLD_INSERT_LIBRARIES) does not exist" then you are safe. If it doesn't, click through on the link in the article for the F-Secure removal page.

    Aside from that, it is interesting that the trojan backs out if it finds an AV or LittleSnitch installed. The article gives an explanation for why that is. But if you don't put in your password, the trojan also backs out if you have Word, Office 2008 or 2011, or Skype. I don't understand the reasoning for backing out with those apps installed.


    Also, just a note to everyone calling this a virus. It isn't, it is a trojan. That doesn't change the fact that a Mac can be 'infected', and most attacks on computers now are trojans rather than viruses. I'm only pointing this out because you are getting the terminology wrong, and when you are doing so to laugh at Mac users it makes you sound about as informed on things are you perceive a Mac user to be.
     
  13. Vrmithrax

    Vrmithrax TechSpot Paladin Posts: 1,286   +232

    An urban myth? They should probably tell their apostles in the Apple Stores then - I've heard that "Macs don't have viruses" diatribe spouted off multiple times in the last 6 months (in different stores) as part of the sales pitch to convince hapless buyers as to why the Macbook is "worth so much more than a PC."
     
  14. Sunny87

    Sunny87 TS Enthusiast Posts: 120   +11

    It's all well and good trying to argue the difference between the term virus and trojan, but as long as it got through it's still open to other things happening, for a while now windows machines that get infected with a trojan often fall apart from there getting viruses shortly afterwards depending on the type of attack the trojan is scripted to do, people have tried and failed before to argue the difference between the two, but with AV software reporting trojans as found viruses you're not going to change anyones minds or terminology's of explaining that they have a virus or trojan.

    And yeah I agree fanboyisum is rife I've been fighting it for a years but I feel the need to give up!
     
  15. cliffordcooley

    cliffordcooley TechSpot Paladin Posts: 6,003   +1,503

    Forgive my ignorance, as I've always thought of a trojan as being a special type of virus. I've always seen virus as a general term for all infection aside from ad-ware.

    Since you brought it up, I can see now that virus has a category to itself.

    Malware includes: (Malware Wikipedia link)
    • computer viruses
    • worms
    • trojan horses
    • spyware
    • adware
    • most rootkits
    To be honest I've never really separated spyware and adware into their own categories either. :/

    Instead of keeping up with which one belongs to what category, I will refer to everything as malware.
     
  16. Sunny87

    Sunny87 TS Enthusiast Posts: 120   +11

    You just proved my point above most people (I'm also guilty as above) find it quicker and easier to just place them under one term, the average user cares not for the difference but worries just as much the same be it virus,trojan, malware act.
     
  17. ... because EVERY layman knows "Macs can't catch viruses" lol
     
  18. SNGX1275

    SNGX1275 TS Forces Special Posts: 12,552   +301

    Thats fine, I even put in my post it doesn't make much difference because the Mac is still being 'infected'. I'm just saying, everyone loves these threads because its free reign to bash the Mac community. In one breath (even in this thread) people say they are hearing diatribes about mac's not getting viruses, then in the next breath they are citing this as an example. The terminology exists, and the people that get all excited about reading how a Mac has a trojan vulnerability are using incorrect terminology.

    So at the time you are laughing at Macs "don't get viruses", the people you are making fun of for saying that are still technically correct.

    So there is a distinction in it.

    Now, having said that, to paraphrase something I saw elsewhere, this all fits into the realm of "stuff I don't want on my Mac". So in the general sense, your point is made and understood.

    I'm just saying, that it seems like people's anti Mac attitude gets the best of them in these threads and then confusing or not knowing the difference in the terms makes you sound just as uninformed as the Mac users you love to hate.

    All it takes is 1 more letter of typing to type 'trojan' rather than 'virus' and this could be avoided (but then that would have reduced the amount of posts in this thread significantly).

    Edit - just in my typing this post, a guest further proved my point.
     
  19. mario

    mario Ex-TS Developer Posts: 399   +17

    Something very important missing from the comments, this issue is only caused by holes in third-party software, Apple has stopped bundling Flash and Java on OS X since Lion because of these kind of security issues.
     
  20. RH00D

    RH00D TS Addict Posts: 408   +105

    You're trying to shift the blame away from Apple but the point everyone is making is that the OS X platform is vulnerable, which it is. Doesn't matter if it's through third-party holes or not. The point is that the OS X platform can be and is being exploited.
     
  21. Vrmithrax

    Vrmithrax TechSpot Paladin Posts: 1,286   +232

    Definitely fair points, SNGX1275... But, arguing semantics over "virus" vs "trojan" can cloud part of the bigger picture: there is a direct correlation that is relevant to the typical layperson when looking at Macs and security. For example, the Apple salespersons that I observed selling the "Macs don't get viruses" mantra were claiming that the Mac is "so secure that you don't need that horrible security software PCs require" as part of their sales pitch. As most in the PC world know, security software catches a multitude of evildoers, virus and trojan alike. So, that "Mac's can't catch viruses" belief can spill over into a false sense of security in the general populace, who really don't necessarily know the difference between a virus, worm, trojan, etc. And this propagated attitude of some kind of mystical superiority tends to cause uneducated users to let their guard down (or never even have it up to begin with), allowing things like these trojans to sneak in.
     
  22. Any software can be compromised. ANY, ANYWHERE period. It is the nature of executing instructions.

    Regardless, Mac's still fair multitudes better in this regard mainly due to four related factors:

    1. Less proliferation
    2. Higher price of entry
    3. Quality control
    4. More locked down

    As OS X transitions to the iOS way of doing things, 3 and 4 will become the prominent factors for it's superiority in regards to infection.
     
  23. Leeky

    Leeky TS Evangelist Topic Starter Posts: 4,378   +98

    That's just because Apple computers are more populated in the US than other regions of the world. I don't think anyone should take it as any indication of the intelligence of those using them, its a simple case of them outnumbering the computers sold in other countries like the UK, for example.

    @Mario,

    Very true, but the fact Apple took almost two months to patch updates that Oracle released in February is inescapable. The principal point here is Apple shouldn't have taken the removal route, they should have fixed it sooner. I don't feel that stopping it being shipped by default in OS X Lion or saying people "shouldn't" install them is a good enough reason as it does nothing to solve the underlying problem -- it just masks it up.

    We're not talking about a backyard software developer here, we're talking about two huge software development houses (Oracle/Apple) that have untold resources to address these issues in a timely fashion.

    Quite simply put, Apple took far too long to respond. When you consider that the new strain of the Flashback Trojan was identified in the wild at the beginning of March, yet it took Apple until the beginning of April to address the original flaws (which at the time didn't even include this strain) it is inexcusable.

    The blame rests solely on Apple here. It might be a third party package, but given that Apple continues to exert control over their upgrades they also take responsibility for any consequent actions as a result.

    It makes you wonder what the real state of play could have been had Apple actually immediately released the required patches to render the exploits unusable. Would we be sat here now with over half a million infected Macs? I doubt it.

    For the record, I'm a long term Mac user, and have had Apple Mac computers for pretty much the entire time I've been using computers in general. I even did my computer studies using Apple PowerPC's back in the day (as well as Acorn RISC machines).

    EDIT: While we're on the subject of OS X and the culture of their invincibility, I'm often surprised the levels Apple employees go to when selling them to PC users. To say OS X cannot get viruses or malware is grossly incorrect. Even Apple's own website is misleading. PC Viruses are a thing of the past due to the difference in architecture, but the underlying impression it gives is they cannot get viruses.

    While there may be very few of any massive potential risk in the wild currently, it lures new users into a false sense of security, and once they stop worrying about infection risks it becomes a distant memory. That's without the common misconception that malware and Trojans are viruses. To the average uninformed person they are one and the same, which is precisely why these issues happen.
     
  24. Is anyone actually surprised? Crapple software cannot get any less secure than they already are.
     
  25. MilwaukeeMike

    MilwaukeeMike TS Evangelist Posts: 2,088   +716

    Uhh... so what does the virus do? Doesn't anyone want to know? Did I miss that part?
     


Add New Comment

TechSpot Members
Login or sign up for free,
it takes about 30 seconds.
You may also...
Get complete access to the TechSpot community. Join thousands of technology enthusiasts that contribute and share knowledge in our forum. Get a private inbox, upload your own photo gallery and more.