Investigations by Russian antivirus firm Dr. Web have concluded that more than 600,000 Mac computers are currently infected by the new strain of Flashback Trojan, with a massive 56.6% of the total infected machines believed to be in the US alone. Apple released an update earlier this week to patch vulnerabilities in Java that could be exploited to run malicious code in a victim's computer, including the newest strain written of the Trojan in question, but this will only protect those that are not already compromised by the malware.
Dr. Web revealed on their website yesterday morning that the Flashback botnet was some 550,000 strong. Later that day, malware analyst Sorokin Ivan revised that figure to more than 600,000 on Twitter.
According to Dr. Web, the US has the most infections with 56.6% of the total infected with the BackDoor.Flashback.39 malware. Of the 300,000 plus infected machines, the Russian antivirus firm also revealed 274 were from Cupertino. Canada had the second highest infection rate with 19.8%, the UK has 12.8% and in fourth place with 6.1% of the total number of infected machines in Australia.
Internet security firm F-Secure has published detailed instructions on how to verify and remove the Trojan should your Mac computer already be infected. Interestingly, they state that the malware can infect a computer even without administrative permissions. "Whether or not the user inputs the administrator password, the malware will attempt to infect the system, though entering the password will affect how the infection is done."
The initial route to infection follows the same path. First the user visits a website which has been infected with the Flashback malware. Upon loading the infected webpage the script is executed, and it then immediately checks for the presence of several antivirus products. Should the presence of any be detected, the script then deletes itself and takes no further action.
If it doesn’t find anything, the malware then connects to a specified URL and downloads the payload. It then proceeds to install this payload, and infects the Mac computer. It appears to do this in one of two separate ways, dependent on whether you give administrative permissions.
For those that refuse to grant them, the malware searches for Microsoft Office 2008, 2011 and Word applications, as well as for Skype. If it fails to find these it then creates several files in the userspace area and creates a launch point in the "~/.MacOSX/environment.plist" location of the Mac user’s home folder.
Those that grant administrative permission will find the infection follows another pathway, creating several files inside Safari’s "/Applications/Safari.app/Contents/Resources" folder, and the creation of a launch point in "/Applications/Safari.app/Contents/Info.plist" to start the malware when Safari is run.
Another note of particular interest is the way the code has been written. It appears to take complete advantage of the average Mac users’ notion that their computer can’t get infected and therefore doesn’t need an antivirus product installed. Those using certain internet security products will therefore not have been infected but it appears to have been written to specifically target those that don't have any installed.
It's also important to note that the installation of the latest security patches from Apple is not enough to resolve the issue for those already infected. Many are now questioning whether Apple could have done more to prevent infections on such a massive scale, especially since Oracle had patches available back in February, but Apple took almost two months longer to release them on their platform.
The Apple iPad (3rd-gen) includes a Retina Display operating at a resolution of 2,048 x 1,536. Powering the new iPad is a dual-core A5X processor with quad-core graphics, it also gets upgraded optics in the form of a 5MP backside illuminated sensor that features a 5-element lens, IR filter and ISP built into the A5X chip. Apple claims The new iPad is good for 10 hours of battery life and nine hours when using 4G LTE.
The iPhone 4S looks identical to last year's model but comes in a new 64GB flavor and upgrades the camera to include an 8-megapixel sensor with improved low-light performance and 1080p video capture. In terms of performance the new iPhone is reportedly up to 2x faster and is also capable of running on faster HSPA+ networks, reaching theoretical download speeds of up to 14.4Mbps.
The Apple iMac 21.5 inch / Spring 2011 Edition is outfitted with a 1080p LED-backlit display, a 2.5GHz quad-core Intel Core i5 processor, an AMD Radeon HJD 6750M discrete graphics chip, and a 500GB 7200RPM HDD. It features a built-in "FaceTime HD" camera, integrated speakers, a slot-loading DVD burner, an IR receiver, an SDXC card slot, four USB 2.0 ports, audio in/out jacks, one FireWire 800 port, Gigabit Ethernet, as well as 802.11n Wi-Fi and Bluetooth 2.1. The 21.5-inch iterations receive a single Thunderbolt port
Read expert reviews, pros & cons, and product information about Apple MacBook Pro 13.3 inch - Winter 2011 Version - Intel Core i5. There are 17 reviews available so far.
Downloads and Drivers
From the Forums
Subscribe to TechSpot
Get free exclusive content, learn about new features and breaking tech news.