Distribution of 550,000 Flashback-infected Macs. Source: Dr.Web.com
Apple releases patch as 500,000 Macs infected with the Flashback Trojan.
Apple has released an urgent patch that will fix a security hole in its Mac operating system that has allowed some 30,000 Mac computers in Australia and more than 500,000 worldwide to be infected with malicious software (malware).
The critical update to Apple's version of Java for Mac OS X plugs at least a dozen security holes in the program and mends a flaw that attackers have recently pounced on to broadly deploy a malicious software program, known as Flashback Trojan, both on Microsoft's Windows and Apple's Mac operating systems.
Flashback Trojan's most recent variant (it has been around since 2011) self installs after users visit legitimate websites that have been infected to distribute the program - a process known as drive-by download. Once installed, the malware sniffs data traffic from the computer in search for user names and passwords.
The update, Java for OS X Lion 2012-001 and Java for Mac OS X 10.6 Update 7, sews up an extremely serious security vulnerability (CVE-2012-0507) that miscreants recently rolled into automated exploit kits designed to deploy malware to Windows users. But in the past few days, information has surfaced to suggest that the same flaw has been used with great success by the Flashback Trojan to infect large numbers of Mac computers with malware.
The revelations come from Russian security firm Dr.Web, which reports that the Flashback Trojan has successfully infected more than 550,000 Macs (hat tip to Adrian Sanabria who wrote on his blog "(...) many Mac users have been lured into a false sense of security, and will be, or may already be, in for a rude awakening. Apple's marketing efforts are at least partially responsible for this."). Dr.Web's post is available in its Google translated version here.
Flashback is an increasingly sophisticated malware strain that sniffs network traffic in search of user names and passwords. Early versions of it prompted Mac users to enter their password before it would run, but the most recent strains will happily infect vulnerable Mac systems without requiring a password, writes Ars Technica, among others. F-Secure has additional useful information on this Trojan attack here.
As Ars notes, although Apple stopped bundling Java by default in OS X 10.7 (Lion), it offers instructions for downloading and installing the Oracle-developed software framework when users access webpages that use it. If you need Java on your Mac only for a specific application (such as OpenOffice), you can unplug it from the browser by disabling its plugin. In Safari, this can be done by clicking Preferences, and then the Security tab (uncheck "Enable Java"). In Google Chrome, open Preferences, and then type "Java" in the search box. Scroll down to the Plug-ins section, and click the link that says "Disable individual plug-ins." If you have Java installed, you should see a "disable" link underneath its listing. In Mozilla Firefox for Mac, click Tools, Add-ons, and disable the Java plugin(s).
Sign up for Computerworld eNewsletters.
On Cloud Nine with IBM
Eric Schnatterly, Vice President IBM Systems for Cloud Platforms, Asia Pacific, talks about the company’s latest pipeline of innovation in the cloud and data space
The Future of Retail in a Digital World
Retailers may face cyber attacks like any other industry, but steps can be taken to guard against cyber crime.
Veeam Availability Platform Designs for Ransomware Resiliency Series
The threat of ransomware is real and should be top of mind for CIOs as well as technology administrators of all types. In this brief, Veeam® will share some key tips to add ransomware resiliency to provide the best levels of Availability for critical applications and data.
VMware Virtual SAN risk avoidance and Availability
Veeam Backup & Replication provides full support for VMware vSAN, enabling faster backups through smart logic that reduces network traffic and enables backup and restore for the storage policy associated with the VM.
Transforming Data protection with Integrations for Microsoft Azure and Microsoft Office 365
Veeam for the Microsoft Cloud provides a consolidated solution for virtual, physical and cloud-based workloads with integrations for Microsoft Azure and Office 365.