April 10, 2012 1 Comment-
Trouble in Appe Garden.
The news that Apple Mac computers have finally fallen victim to a massive malware attack gives me mixed emotions. It’s certainly an interesting topic for a security blogger, but it’s also terrible, because I have a MacBook and I don’t have any security provisions for it.
Mac users have been riding out what our security experts call “security through obscurity”. Because the market share for OSX was so small, most users did without virus protection – even I’m guilty! So when news broke last week that at least 600,000 Macs had been infected with malware, I stepped away my Mac and got investigating.
Discovered by security firm Dr Web, the “Flashback” trojan is not the only Mac malware, but it’s the most notable. The infection pretends to be a Flash player update, and as it is considered good practice to keep your computer up to date, many people installed it
Flashback will then disable XProtect, Apple’s in-built antivirus program built into OSX 10.6.7 onwards, and also prevent it from updating in future. It’ll also redirect the user to a bogus website, which will automatically install a java-applet containing an exploit. This exploit then disables the Mac’s user account control settings, allowing the malicious program to automatically be installed without the user’s consent. Ouch.
What’s equally scary is that Apple has added to its own problems. According to Daily Tech, Oracle (the creator of Java) fixed the exploit on February 14th, but because OSX can only be updated by Apple, users had to wait until April 4th for to get the fix. That’s almost two months for hackers to exploit the security hole.
It’s not the first time Apple have been slow to respond to security issues, either. According to ZDNet, an update in April 2011 “repaired 23 separate vulnerabilities [and] every one of the vulnerabilities in the April update had existed in OS X for a minimum of 18 months before being patched.”
ZDNet paints an even bleaker picture for older Mac users: if you have a version of OSX older than Snow Leopard (10.6), you’re vulnerable to the infection and there’s no patch available. Seriously Apple, Microsoft kept up support for Windows XP until last year – maybe you should learn a lesson?
To find out if you’ve been infected with Flashback, head over to: http://www.pcadvisor.co.uk/news/software/3349886/free-tool-detects-flashback-mac-malware-pestilence/. There’s a tool to download that should identify any Flashback infections on your system.
So remember: Macs aren’t immune from viruses, and most likely, they never will be.
Made up of various contributors' opinions and insights - the power of the collective.
Norman Safeground Blogs Archive