
1 - 18 of 18 Posts

·
(╯°□°)╯︵ ┻━&#
Joined
·
1,986 Posts
Discussion Starter · #1 ·
Flashback trojan reportedly controls half a million Macs and counting

Variations of the Flashback trojan have reportedly infected more than half a million Macs around the globe, according to Russian antivirus company Dr. Web. The company made an announcement on Wednesday - first in Russian and later in English - about the growing Mac botnet, first claiming 550,000 infected Macs. Later in the day, however, Dr. Web malware analyst Sorokin Ivan posted to Twitter that the count had gone up to 600,000, with 274 bots even checking in from Cupertino, CA, where Apple's headquarters are located.

We have been covering the Mac Flashback trojan since 2011, but the most recent variant from earlier this week targeted an unpatched Java vulnerability within Mac OS X. That is, it was unpatched (at the time) by Apple - Oracle had released a fix for the vulnerability in February of this year, but Apple didn't send out a fix until earlier this week, after news began to spread about the latest Flashback variant.

According to Dr. Web, 57 percent of the infected Macs are located in the US and 20 percent are in Canada. Like older versions of the malware, the latest Flashback variant searches an infected Mac for a number of antivirus applications before generating a list of botnet control servers and beginning the process of checking in with them. Now that the fix for the Java vulnerability is out, however, there's no excuse not to update - the malware installs itself after you visit a compromised or malicious webpage, so if you're on the Internet, you're potentially at risk.

If you think one of your machines may be infected, F-Secure has instructions on how to use the Terminal to find out.



This machine is clean
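
The Terminal check mentioned in the first post, sketched as an added example that is not part of the original post or of F-Secure's write-up: it reads the launch-environment keys that the manual Flashback check looks at. The `defaults` domains and key names are given from memory of the published instructions and should be treated as assumptions; `key_exists` and `check_flashback` are hypothetical helper names.

```shell
#!/bin/sh
# Added example: look for the launch-environment keys that Flashback
# variants were reported to set so a library is injected into the browser.
# Domains and key names are assumptions; they are not given in the post.

# Return 0 if the defaults domain/key pair exists, 1 otherwise.
key_exists() {
    defaults read "$1" "$2" >/dev/null 2>&1
}

# Print one block per suspicious key; return the number of hits (0 = clean).
check_flashback() {
    home_dir="${1:-$HOME}"
    hits=0
    # Per-application injection: an LSEnvironment entry in the browser bundle.
    for app in /Applications/Safari.app /Applications/Firefox.app; do
        if key_exists "$app/Contents/Info" LSEnvironment; then
            echo "SUSPECT: $app/Contents/Info has LSEnvironment set:"
            defaults read "$app/Contents/Info" LSEnvironment
            hits=$((hits + 1))
        fi
    done
    # Per-user injection: DYLD_INSERT_LIBRARIES in ~/.MacOSX/environment.
    if key_exists "$home_dir/.MacOSX/environment" DYLD_INSERT_LIBRARIES; then
        echo "SUSPECT: $home_dir/.MacOSX/environment sets DYLD_INSERT_LIBRARIES:"
        defaults read "$home_dir/.MacOSX/environment" DYLD_INSERT_LIBRARIES
        hits=$((hits + 1))
    fi
    if [ "$hits" -eq 0 ]; then
        echo "No Flashback launch-environment keys found"
    fi
    return "$hits"
}

# Only run the check where defaults(1) exists, i.e. on the Mac itself.
if command -v defaults >/dev/null 2>&1; then
    check_flashback || echo "Note the library paths above before removing anything"
else
    echo "defaults(1) not found: run this on the Mac being checked"
fi
```

A clean machine answers each `defaults read` with a "does not exist" error, which is what the screenshot caption above refers to; any key that does exist names the library path to investigate.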
 

·
Slow Money
Joined
·
14,612 Posts
Fuck. Called it. Macs are not safe. Knew it all along. Going back to Windows, the only safe OS

:lol:
Edit: Hah. It deletes itself for you if you run AV :lol:
More Edit: Or if you have MSOffice 2011 or Skype installed too! :lol:
 

·
Banned
Joined
·
21,673 Posts
> Fuck. Called it. Macs are not safe. Knew it all along. Going back to Windows, the only safe OS
>
> :lol:
> Edit: Hah. It deletes itself for you if you run AV :lol:
> More Edit: Or if you have MSOffice 2011 or Skype installed too! :lol:

I'd be curious to know if any of this is true, and why.

Also, any sufficiently complex OS is susceptible to malware. It's all about how much it is targeted. Running AV, even free stuff, on a Mac is a no-brainer.

Linux isn't immune either; another Java vulnerability as well as Flash vulnerabilities affect it too.

Funny how it's generally third party shit these days.
 

·
Slow Money
Joined
·
14,612 Posts
> I'd be curious to know if any of this is true, and why.
>
> Also, any sufficiently complex OS is susceptible to malware. It's all about how much it is targeted. Running AV, even free stuff, on a Mac is a no-brainer.
>
> Linux isn't immune either; another Java vulnerability as well as Flash vulnerabilities affect it too.
>
> Funny how it's generally third party shit these days.

Presumably to keep itself hidden. I seem to recall reading that someone's security key got compromised at RSA home base, and that it took several years to find out about it because the guys responsible for the breach just lay low. I can't find the article to save my life though :/
 

·
(╯°□°)╯︵ ┻━&#
Joined
·
1,986 Posts
Discussion Starter · #15 ·
What. The. Fuck?

Apple Snubs Firm That Discovered Mac Botnet, Tries To Cut Off Its Server Monitoring Infections - Forbes

Boris Sharov, chief executive of the Moscow-based security firm Dr. Web says he learned Monday from the Russian Web registrar Reggi.ru that Apple had requested the registrar shut down one of its domains, which Apple said was being used as a "command and control" server for the hundreds of thousands of PCs infected with Flashback. In fact, that domain was one of three that Dr. Web has been using as a spoofed command and control server - what researchers call a "sinkhole" - to monitor the collection of hijacked machines and try to understand their behavior, the technique which allowed the firm to first report the size of Apple's botnet last week.

"They told the registrar this [domain] is involved in a malicious scheme. Which would be true if we weren't the ones controlling it and not doing any harm to users," says Sharov. "This seems to mean that Apple is not considering our work as a help. It's just annoying them."

Sharov believes that Apple's attempt to shut down its monitoring server was an honest mistake. But it's a symptom of the company's typically tight-lipped attitude. In fact, Sharov says that since Dr. Web first contacted Apple to share its findings about the unprecedented Mac-based botnet, it hasn't received a response. "We've given them all the data we have," he says. "We've heard nothing from them until this."
 

·
DOO)))M
Joined
·
7,435 Posts
Turns out I had A virus, but it wasn't the Flashback virus :yesway: Plus, I just did a system update as well as updating all my Adobe/Java and shit, so it should've been taken care of before as well
 