Slashdot Mirror


A Week After Apple's Fix, Flashback Still Infects Half a Million Macs

Sparrowvsrevolution writes "Security firm Dr. Web released new statistics Friday showing that the process of eliminating Flashback from Macs is proceeding far slower than expected: On Friday the security firm, which first spotted the Mac botnet earlier this month, released new data showing that 610,000 active infected machines were counted Wednesday and 566,000 were counted Thursday. That's a slim decrease from the peak of 650,000 to 700,000 machines infected with the malware when Apple released its cleanup tool for the trojan late last week. Earlier in the week, Symantec reported that only 140,000 machines remained infected, but admitted Friday that an error in its measurement caused it to underestimate the remaining infections, and it now agrees with Dr. Web's much more pessimistic numbers."

6 of 161 comments (clear)

  1. Re:Well clearly by __aaqvdr516 · · Score: 4, Interesting

    That's what TFA says. The infected machines haven't had the updates installed. That implies that the owners either don't know that they are infected or don't care. I'm leaning towards the former.

    With the number of machines that remain, it seems clear also that Mac users aren't using auto updates. What's up with that?

  2. makes more sense by sribe · · Score: 5, Interesting

    I had wondered how in the hell it got that low that fast--a couple of days after Symantec reported 140,000, they or someone else reported 30,000. But checking the Java vulnerability against versions installed with Mac OS X, it seems that 10.4 and 10.5 should also be vulnerable, while Apple only patched for 10.6 and 10.7. That alone should prevent the numbers dropping so far so fast. Sigh. Smooth move Apple.

    1. Re:makes more sense by hairyfeet · · Score: 4, Interesting

      Wow...10.5 was released in 2007 and its ALREADY unsupported according to the wiki? damn maybe folks shouldn't have marked the AC a troll that made the joke about buying a new Mac every year. I thought the big selling point on the Mac was how "high quality" Macs were? Yet the support drops after less than 5 years? I guess that's why I never really got into macs, i just don't get it.

      As for TFA can we FINALLY acknowledge and admit that what the windows guys have been saying all these years is true, that you become a big enough target and you WILL get malware? After all we've seen this with both Apple and Linux with Android, and frankly it should have been incredibly obvious with just a moment's thought. I mean where do Windows viruses come from? Well since Vista made running as a limited user mandatory the vast majority I've seen has been PEBKAC, so how can switching OSes magically turn a PEBKAC user into an admin? Answer...it can't and that was the point.

      In the end one can't escape the simple fact that ALL OSes are extremely complex collections of very advanced programs and as we all know the more advanced something is the easier it is for a clueless person to break it. Sadly in this case the clueless user was Apple for not pushing out the bog standard version of Java and instead insisting on rolling their own, which would have been fine if it could do so VERY quickly but instead the apple version of java fell farther and farther behind the mainstream. At that point a major attack was inevitable, the only question was when.

      If I was a paranoid person i'd have to wonder if this wasn't by design, after all who would fault Apple if they restricted or outright banned Java as a security risk now? Of course Java like Flash allows one to run web based apps which bypasses the appstore which Apple has sunk so much into so a pessimist might say that Apple wants java to go the way of flash and what better way than to remove it to better protect the user?

      --
      ACs don't waste your time replying, your posts are never seen by me.
  3. The numbers by glitch0 · · Score: 5, Interesting

    I'm not discrediting these guys and I'm honestly curious: How to they arrive at these numbers? How does one determine if a computer is infected without access to said computer?

    Do they port scan 1000 random machines and extrapolate from there? I'm genuinely curious to know their methods. How could they arrive at such a precise number? Surely they must only have a sample of macs and use statistical models to extrapolate, right? They can't scan all the macs, right? right?

    How do they do it?!?!

    --
    -Glitch "We all know Linux is great...it does infinite loops in 5 seconds." - Linus Torvalds
  4. Re:Well clearly by zippthorne · · Score: 3, Interesting

    And once again, it doesn't do even the above if you're logged in as a regular user. You have to manually kick it off to even find out there *are* updates.

    It's not hard to kick it off, but it is something you have to bother to remember to do. Which, "your parents" probably do not ever really think about.

    --
    Can you be Even More Awesome?!
  5. I wish Microsoft... by sideslash · · Score: 3, Interesting

    ...would hire those two dudes from the "I'm a Mac and I'm a PC" commercial for a reunion commercial. I'm sure Apple would sue, though, because Apple only has a sense of humor when they are making fun of other people.