Slashdot Mirror

← Back to Stories (view on slashdot.org)

A Week After Apple's Fix, Flashback Still Infects Half a Million Macs

Posted by timothy on from the retract-all-advice-to-mom dept.

Sparrowvsrevolution writes "Security firm Dr. Web released new statistics Friday showing that the process of eliminating Flashback from Macs is proceeding far slower than expected: On Friday the security firm, which first spotted the Mac botnet earlier this month, released new data showing that 610,000 active infected machines were counted Wednesday and 566,000 were counted Thursday. That's a slim decrease from the peak of 650,000 to 700,000 machines infected with the malware when Apple released its cleanup tool for the trojan late last week. Earlier in the week, Symantec reported that only 140,000 machines remained infected, but admitted Friday that an error in its measurement caused it to underestimate the remaining infections, and it now agrees with Dr. Web's much more pessimistic numbers."

8 of 161 comments (clear)

  1. Re:Well clearly by __aaqvdr516 · · Score: 4, Interesting

    That's what TFA says. The infected machines haven't had the updates installed. That implies that the owners either don't know that they are infected or don't care. I'm leaning towards the former.

    With the number of machines that remain, it seems clear also that Mac users aren't using auto updates. What's up with that?

  2. makes more sense by sribe · · Score: 5, Interesting

    I had wondered how in the hell it got that low that fast--a couple of days after Symantec reported 140,000, they or someone else reported 30,000. But checking the Java vulnerability against versions installed with Mac OS X, it seems that 10.4 and 10.5 should also be vulnerable, while Apple only patched for 10.6 and 10.7. That alone should prevent the numbers dropping so far so fast. Sigh. Smooth move Apple.

    1. Re:makes more sense by hairyfeet · · Score: 4, Interesting

      Wow...10.5 was released in 2007 and its ALREADY unsupported according to the wiki? damn maybe folks shouldn't have marked the AC a troll that made the joke about buying a new Mac every year. I thought the big selling point on the Mac was how "high quality" Macs were? Yet the support drops after less than 5 years? I guess that's why I never really got into macs, i just don't get it.

      As for TFA can we FINALLY acknowledge and admit that what the windows guys have been saying all these years is true, that you become a big enough target and you WILL get malware? After all we've seen this with both Apple and Linux with Android, and frankly it should have been incredibly obvious with just a moment's thought. I mean where do Windows viruses come from? Well since Vista made running as a limited user mandatory the vast majority I've seen has been PEBKAC, so how can switching OSes magically turn a PEBKAC user into an admin? Answer...it can't and that was the point.

      In the end one can't escape the simple fact that ALL OSes are extremely complex collections of very advanced programs and as we all know the more advanced something is the easier it is for a clueless person to break it. Sadly in this case the clueless user was Apple for not pushing out the bog standard version of Java and instead insisting on rolling their own, which would have been fine if it could do so VERY quickly but instead the apple version of java fell farther and farther behind the mainstream. At that point a major attack was inevitable, the only question was when.

      If I was a paranoid person i'd have to wonder if this wasn't by design, after all who would fault Apple if they restricted or outright banned Java as a security risk now? Of course Java like Flash allows one to run web based apps which bypasses the appstore which Apple has sunk so much into so a pessimist might say that Apple wants java to go the way of flash and what better way than to remove it to better protect the user?

      --
      ACs don't waste your time replying, your posts are never seen by me.
  3. Re:Apple didn't issue fix 10.5, 16.5% of it's user by Billly+Gates · · Score: 1, Interesting

    My issue is Macs are expensive and therefore mac users do not upgrade as often. The old Mac argument was that a PC would go obsolete in 3 years while mac users will use their machines for 7 years or more and still get support.

    MacOSX does not get updates if you are just a few years old. Many people buy used macbooks because of the price and are getting let out. Many do not even know they are not supported.

    I hope you are right about Apple. They should at least let their users know to upgrade for the latest security threats ... assuming you can if you are first generation intel owners or powerpc.

    --
    http://saveie6.com/
  4. The numbers by glitch0 · · Score: 5, Interesting

    I'm not discrediting these guys and I'm honestly curious: How to they arrive at these numbers? How does one determine if a computer is infected without access to said computer?

    Do they port scan 1000 random machines and extrapolate from there? I'm genuinely curious to know their methods. How could they arrive at such a precise number? Surely they must only have a sample of macs and use statistical models to extrapolate, right? They can't scan all the macs, right? right?

    How do they do it?!?!

    --
    -Glitch "We all know Linux is great...it does infinite loops in 5 seconds." - Linus Torvalds
  5. Re:Well clearly by zippthorne · · Score: 3, Interesting

    And once again, it doesn't do even the above if you're logged in as a regular user. You have to manually kick it off to even find out there *are* updates.

    It's not hard to kick it off, but it is something you have to bother to remember to do. Which, "your parents" probably do not ever really think about.

    --
    Can you be Even More Awesome?!
  6. Apple articles always frustrate me by Anonymous Coward · · Score: 1, Interesting

    I always come to slashdot first, as an only marginally tech proficient individual. This has always been great when I owned a PC, however, it's useless now that the household went mac. All I see are the same crappy responses. Something about it "just working". Something about the cost of a mac versus PC. Something about mac users being smug. Something about mac users not being smart enough to worry about virus because "mac's don't get them." A screed about closed garden, with a side of open source politics thrown in.

    I really do wish that the articles on Apple could actually be useful and we could discuss, if this is hitting computers that were patched, or not. How do you check your computer, with links to whatever that site was that gave a step by step. Whether or not Apple's fix's are actually fixing, or if us Mac folks should look for a third party solution. That kind of information is always abounding on other articles, why not here?

  7. I wish Microsoft... by sideslash · · Score: 3, Interesting

    ...would hire those two dudes from the "I'm a Mac and I'm a PC" commercial for a reunion commercial. I'm sure Apple would sue, though, because Apple only has a sense of humor when they are making fun of other people.