Huffpost Technology

Mac Flashback Trojan Affecting Thousands: Apple Issues Fix (UPDATE)

Posted: Updated:

UPDATE: On April 5, MacRumors reported that Apple released another update to Java for OS X, called Java for OS X 2012-002. The site also indicates it's still unclear what this newest update actually does, as its support document gives no new information.

Mac security blog Intego explained that Apple may have discovered a minor glitch in the first update it released on April 3 and points out that this latest update seems to only be available for Lion, while the last one was available for both Snow Leopard and Lion.
____

PREVIOUSLY: If you thought your Mac was safe from harmful computer viruses, think again.

Ars Technica reported on April 4 that Trojan BackDoor.Flashback.39, or the "Mac Flashback trojan," has returned with a vengeance in recent weeks, now affecting hundreds of thousands of Apple laptops.

Ars first reported about the issue on April 2, explaining that anti-virus and computer security firm F-Secure had spotted the trojan in action.

Later, on April 4, the site pointed out that it was Russian IT-security solutions vendor Dr. Web that revealed how widespread the problem has become in a post published on the Dr. Web blog earlier on the same day.

"Systems get infected with BackDoor.Flashback.39 after a user is redirected to a bogus site from a compromised resource or via a traffic distribution system," explained Dr. Web. "JavaScript code is used to load a Java-applet containing an exploit."

In response to the problem, Apple released an update on April 3 to patch up the security holes that exist in Java. While all Mac-owners should make sure to update their devices, you can always check to see if your Mac has been infected using your device's Terminal. Directions for this process, as well as for how you can manually disinfect your Mac, have been provided by F-Secure. (You can access the patches via Apple Support, here or here.)

As of April 4, Dr. Web found that more than half of the 555,000 infected computers were in the United States, nearly 20 percent were in Canada and nearly 13 percent were in the United Kingdom.

Malware analyst Sorokin Ivan has since shared that the trojan has now reached 600,000 devices, tweeting the following, later on in the day on April 4:

First signs of the Mac Flashback trojan appeared last September; back then it had masqueraded as malicious links offering installation of Flash Player.

The trojan eventually prompted software company Oracle -- which, according to CNNMoney, has been responsible for Java programming since it acquired Sun Microsystems in 2010 -- to release a Java security update on February 14, more than a month before Apple did.

Mike Geide, senior security researcher at cloud security company Zscaler ThreatLabZ, warned of the importance of keeping your software up to date, no matter what OS you use.

“This latest wave of infections is a wake-up call to Mac users that their system is not immune to threats," Geide said in an emailed statement. "And the need to follow best security practices, such as remaining current with patches, is ubiquitous -- it doesn't matter if you’re using Windows, Mac, or even mobile phone.”

Have you updated your device? Let us know in the comments below!

Related on HuffPost:

Suggest a correction

Around the Web

PSA: Apple patches Flashback trojan affecting 600000 Macs ...

Intego finds new, insidious strain of Mac Flashback Trojan horse ...

Flashback trojan reportedly controls half a million Macs and counting

Half a million Macs infected by 'Flashback' Trojan - Telegraph

Over 600000 Macs infected with Flashback Trojan | ZDNet

Flashback trojan captures over half a million Macs - SlashGear

Flashback Trojan Hits 550000 Macs

'Rude awakening' for Mac users: serious Mac flaw needs urgent fix

Detecting and removing the Flashback malware in OS X

 
From Our Partners