Follow Us

We use cookies to provide you with a better experience. If you continue to use this site, we'll assume you're happy with this. Alternatively, click here to find out how to manage these cookies

hide cookie message

Apple Flashback Trojan infection shows weekend decline

But 50,000 UK users could be infected

Article comments

The Flashback Trojan could be on the wane despite infecting as many as 50,000 Apple computers in the UK at its peak, an analysis of the malware’s bot traffic by Kaspersky Lab has concluded.

Kaspersky's peak infection numbers were 670,000, it said, a verification of the roughly 600,000 figure put out by security company Dr. Web last week. This still makes the incident the largest confirmed Mac malware outbreak yet recorded.

Using traffic ‘captured’ from the botnet by reverse engineering its Command and Control infrastructure, Kaspersky now estimates that roughly 300,000 of the infections were in the US, 94,000 in Canada, 47,000 in the UK, and almost 42,000 in Australia.

A clutch of countries in the EU, plus Mexico and Japan showed levels under 10,000 that probably reflect the website hosts used to spread it.

Exactly what is happening to the botnet now that it is famous is not clear. Kaspersky said it had seen an encouraging decline in the number of active bots to 237,000 over the Easter weekend, but this could reflect only those machines that were trying to connect to the C&C servers during the measured time period.

Falling or not, the outbreak has alarmed Apple sufficiently for a company infamous for its tardy security response to issue a Java update for OS X v10.7 and Mac OS X v10.6, recommending that those running earlier versions simply disable the software altogether through the browser.

The company has also said it is planning to issue a tool to detect and remove Flashback (or ‘Flashfake’ as Kaspersky calls it).

Not everyone is impressed with Apple’s response and that criticism is likely to grow if Flashback turns out to be merely chapter one of a new age of (relative) Mac insecurity.

“Apple knew about this Java vulnerability for three months, and yet neglected to push through an update in all that time. The problem is exacerbated because up to now Apple has enjoyed a mythical reputation for being ‘malware free’,” said Kaspersky Lab’s chief security expert, Alexander Gostev.

“Too many users are unaware that their computers have been infected, or that there is a real threat to Mac security.”

Worried Apple users should by updating their Java software, after which they can check for infection at Kaspersky’s site.  The company has offered its own Flashback removal tool.

As long predicted by experts working at security companies sometimes criticised for spreading FUD, Apple’s first major malware problem has come through a weakness routinely used to target Windows users, namely Java. Patching the vulnerability won't make future attack less likely - as in the PC world new Java flaws keep appearing, demanding continuous vigilance.

Flashback, which can appear as the offer of a fake Flash update, has been around for more than six months although recent versions work using drive-by downloads requiring no user interaction.



Share:

More from Techworld

More relevant IT news

Comments



Send to a friend

Email this article to a friend or colleague:

PLEASE NOTE: Your name is used only to let the recipient know who sent the story, and in case of transmission error. Both your name and the recipient's name and address will not be used for any other purpose.

Techworld White Papers

Choose – and Choose Wisely – the Right MSP for Your SMB

End users need a technology partner that provides transparency, enables productivity, delivers...

Download Whitepaper

10 Effective Habits of Indispensable IT Departments

It’s no secret that responsibilities are growing while budgets continue to shrink. Download this...

Download Whitepaper

Gartner Magic Quadrant for Enterprise Information Archiving

Enterprise information archiving is contributing to organisational needs for e-discovery and...

Download Whitepaper

Advancing the state of virtualised backups

Dell Software’s vRanger is a veteran of the virtualisation specific backup market. It was the...

Download Whitepaper

Techworld UK - Technology - Business

Innovation, productivity, agility and profit

Watch this on demand webinar which explores IT innovation, managed print services and business agility.

Techworld Mobile Site

Access Techworld's content on the move

Get the latest news, product reviews and downloads on your mobile device with Techworld's mobile site.

Find out more...

From Wow to How : Making mobile and cloud work for you

On demand Biztech Briefing - Learn how to effectively deliver mobile work styles and cloud services together.

Watch now...

Site Map

* *