Slashdot Mirror

← Back to Stories (view on slashdot.org)

Flashback Trojan Hits 600,000 Macs and Counting

Posted by timothy on from the first-they-came-for-the-windows-machines dept.

twoheadedboy writes "A Flashback variant dubbed Backdoor.Flashback.39 has infected over 600,000 Macs, according to Russian security firm Dr Web. The virulent Flashback trojan infecting Apple machines sparked interest earlier this week after it was seen exploiting a Java vulnerability, although it was actually first discovered back in September last year. The Trojan has a global reach after Dr Web found infected Macs in most countries. More than half of the Macs infected are in the US (56.6 percent), while another 19.8 percent are in Canada. The UK has 12.8 percent of infected Macs."

1 of 429 comments (clear)

  1. How to tell whether you are infected by daveschroeder · · Score: 5, Informative

    See here: http://www.f-secure.com/v-descs/trojan-downloader_osx_flashback_i.shtml

    Summary:

    If you open Terminal and run

    defaults read /Applications/Safari.app/Contents/Info LSEnvironment

    and

    defaults read ~/.MacOSX/environment DYLD_INSERT_LIBRARIES

    and see:

    The domain/default pair of [...] does not exist

    for each, you are not infected. Also, if you run nearly any AV software or other tools like Little Snitch, you are not infected as it checks for these and deletes itself if found.

    Also, no sensible person ever said "Macs don't get [infected/hacked/whatever]." It just a lot less likely, and has historically been, even accounting for differences in marketshare. As Mac share increases, it only makes sense they'll be targeted more with malware. But Macs, as a whole, are indeed "more secure", in that still, to this day, you are far less likely — even with the complacency or, if you prefer, ignorance, of Mac users — to become impacted with any malware than with Windows. Maybe someday this will change. But it's never been true to date, and isn't true now. The fact that single instances of Mac malware get so blown out of proportion, STILL, is ridiculous. (Though, Apple could do better with patching known vulnerabilities in Java on Mac OS X...)

    The same advice and best practices for avoiding malware apply to Macs as well as any other desktop platform, and Mac users would do well to run current AV software. The Sophos free edition is nice.