Beta
×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Flashback Trojan Hits 600,000 Macs and Counting

timothy posted more than 2 years ago | from the first-they-came-for-the-windows-machines dept.

Desktops (Apple) 429

twoheadedboy writes "A Flashback variant dubbed Backdoor.Flashback.39 has infected over 600,000 Macs, according to Russian security firm Dr Web. The virulent Flashback trojan infecting Apple machines sparked interest earlier this week after it was seen exploiting a Java vulnerability, although it was actually first discovered back in September last year. The Trojan has a global reach after Dr Web found infected Macs in most countries. More than half of the Macs infected are in the US (56.6 percent), while another 19.8 percent are in Canada. The UK has 12.8 percent of infected Macs."

Sorry! There are no comments related to the filter you selected.

Linux (-1, Offtopic)

smc170 (2609895) | more than 2 years ago | (#39583819)

Linux has been going for years, still going strong!

Re:Linux (1, Flamebait)

Aeros (668253) | more than 2 years ago | (#39583935)

thats nice

Re:Linux (-1)

Anonymous Coward | more than 2 years ago | (#39584159)

Obligatory Slashtard Linux sodomite comes out of the woodwork to talk shit. *yawn* Are you relevant in the mainstream desktop market yet?

Re:Linux (1)

NatasRevol (731260) | more than 2 years ago | (#39584239)

So, Linux has NEVER had a java exploit?

Macs don't get hacked (5, Funny)

Dunbal (464142) | more than 2 years ago | (#39583841)

Is it just wrong if I laugh a little?

Re:Macs don't get hacked (5, Funny)

ifrag (984323) | more than 2 years ago | (#39583891)

Is it just wrong if I laugh a little?

Try to keep it to a low chuckle. The reality distortion field might break under greater strain.

Re:Macs don't get hacked (4, Funny)

alphatel (1450715) | more than 2 years ago | (#39583927)

Is it just wrong if I laugh a little?

Try to keep it to a low chuckle. The reality distortion field might break under greater strain.

It just works!

Re:Macs don't get hacked (5, Insightful)

Johnny Mister (2610721) | more than 2 years ago | (#39583963)

The funny thing is that Linux users still seem to be under this belief about their OS. The truth is that every OS gets malware, it's just about the market share.

Re:Macs don't get hacked (-1, Flamebait)

Anonymous Coward | more than 2 years ago | (#39584349)

The truth is that every OS gets malware, it's just about the market share.

So, you are stating confidently that if there were two competing OSs, both with a 50% market share, one of which was riddled with known unpatched remote exploits and where every user was the equivalent of root at all times, and the other was using the best of all the security features from OS X, Linux, Windows, BSD etc. that they will still both end up with the same amount of malware, because it's *just* about market share - i.e. no other factor has *any* relevance whatsover?

What a retard.

Re:Macs don't get hacked (4, Insightful)

tripleevenfall (1990004) | more than 2 years ago | (#39584365)

To be fair this is a Java exploit, and it's already been closed by Apple.

The dullard users are probably receiving security updates automatically, and so they'd have been updated as of Tuesday.

Aside from this, the general public does not seem vulnerable:

Security researchers have uncovered yet another Mac Trojan in the wild, this time hiding inside pirated versions of the Mac OS X image editing application GraphicConverter.

The pirated copy of GraphicConverter 7.4 is being actively distributed on file-sharing networks and torrent sites like Pirate Bay and contains the DevilRobber Trojan, Sophos researchers reported on 29 October. Once on the Mac OS X, DevilRobber creates a backdoor for remote access and installs a Bitcoin miner that uses up spare system resources and steals the content of the user’s Bitcoin wallet, according to Sophos.

Re:Macs don't get hacked (2)

tripleevenfall (1990004) | more than 2 years ago | (#39584513)

(after reading more closely, that appears to be a trojan that exploited the same vulnerability.)

About the users too (4, Insightful)

monkeyhybrid (1677192) | more than 2 years ago | (#39584387)

Market share has something to do with it, as does a pretty good track record of security, but the type of users that use Linux is also a significant reason that we don't see widespread malware affecting desktop Linux. Your typical Linux user is generally more nerdy, computer literate and security concious.

If you did a survey of how many users clicked on pop-up banners, opened PDFs from spam email, granted permission to untrusted Java applets, etc, I bet the percentage of Linux users who fell in the traps would be smaller than the other OS users.

Re:Macs don't get hacked (5, Interesting)

TheRaven64 (641858) | more than 2 years ago | (#39584405)

It's not just about market share, although that does play a large part. For malware you spread you need a large or sufficiently interesting target for someone to bother writing it (an OS with only a dozen users, all of which were major banks that used it for Internet-facing transaction processing systems, for example, would be an interesting target even though it would have a tiny market share).

Then you need an attack vector. Operating system vulnerabilities aren't that uncommon (check the CVE database for the Linux kernel), but most of the time these attacks come through userspace applications. From there, it depends on what the attacker wants to use. Desktop operating systems tend to be more vulnerable in this regard because very few applications are properly sandboxed, so once you've compromised one you've got complete access to everything the user does. Server software tends to be a bit more careful with privilege separation, so a Linux server may be a lot more secure than a Linux desktop.

Finally, you need some mechanism for it to spread. This is often related to market share. For example, Windows worms used to be very common because if you look at any random IP on the local network you're likely to find a Windows machine. If you've got some Windows exploit, you can spread to every machine on the network very quickly. The same was true of email worms - a worm that compromised Outlook Express could send a message to everyone in the address book, and at least some of them would be running Outlook Express and so it would spread. In contrast, if the lone Mac in the corner of the office is infected then it's harder for it to find another Mac to infect before someone spots unusual traffic patterns and cleans it up.

Re:Macs don't get hacked (0)

Anonymous Coward | more than 2 years ago | (#39584491)

Its actually more complex than that. Linux users are historically more advanced users. That doesn't mean all of them are, but that's historically accurate, on average, nonetheless. This tends to make the platform bother harder to attack and harder to keep them infected. Also, Linux has roughly the same market share as Mac; with a 5%-6% share.

Having said that, as others have already pointed out, the vulnerability was not a Mac problem but, surprise, an Oracle/Java problem. So really, attacking Apple for another vendor's flaw is dumb.

Re:Macs don't get hacked (2, Interesting)

ericloewe (2129490) | more than 2 years ago | (#39583999)

Apple should advertise OS X to hackers:

Instead of stuff like "Robust Kernel based on Unix" hackers would surely be attracted towards "Familiar Unix-based Kernel with guaranteed fewer security measures than Windows or many Linux distros"

Re:Macs don't get hacked (1)

ByOhTek (1181381) | more than 2 years ago | (#39584133)

"Familiar Unix-based Kernel with guaranteed fewer security measures than Windows or many Linux distros"

Uhhhh. what? Fewer than Windows?

Don't get me wrong, I use Windows a lot, and almost never use MacOS... but I'm not sure that is accurate (Mac having fewer security measures in the kernel than Windows.) Mind you, the most important security measure are done via the gray matter between your ears in how you set up and use your environment, but I don't think that necessarily affects either platform particularly. Both have a shitload of lemming users who just expect things to work, and assume that some technical panacea (firewall/router, AV program, chosen OS/browser, etc.) will keep them safe.

Re:Macs don't get hacked (0)

Anonymous Coward | more than 2 years ago | (#39584271)

I'm sure Apple bypassed all the security features in BSD, I love this rant about Windows UAC is so annoying and that's one of the reasons why they are switching to Linux

The fact is in just about every *NIX system I used, Installing stuff etc required passwords changing file permissions etc. I think Apple would sacrifice security for usability.

Re:Macs don't get hacked (1, Offtopic)

AngryDeuce (2205124) | more than 2 years ago | (#39584033)

"I'm givin' ya all she's got, Cap'n!! She cannae take any more punishment!!!"

- Tim Cook

Re:Macs don't get hacked (0)

jo_ham (604554) | more than 2 years ago | (#39584511)

Put it this way, OS X is at least as vulnerable to viruses and trojans as Linux is.

Re:Macs don't get hacked (1, Redundant)

GrBear (63712) | more than 2 years ago | (#39583925)

Yes, because JAVA exploits only happen on Mac OS. *rolls eyes*

Re:Macs don't get hacked (1)

Anonymous Coward | more than 2 years ago | (#39583955)

JAVA is sandboxed, what shitty OS allows a rouge bit of code to gain control of a system? Apple still playing catch-up to MS?

Re:Macs don't get hacked (0)

Anonymous Coward | more than 2 years ago | (#39584109)

Every OS?

Re:Macs don't get hacked (2, Funny)

19thNervousBreakdown (768619) | more than 2 years ago | (#39584147)

Everybody knows us nerds are suckers for a pretty face with a bit of rouge.

Re:Macs don't get hacked (5, Funny)

Tarkadot (800596) | more than 2 years ago | (#39584055)

So, now that the Reality Distortion Field is weakening, it's time to activate the Someone Else's Problem field?

Re:Macs don't get hacked (0, Flamebait)

Lumpy (12016) | more than 2 years ago | (#39584181)

Only if we can use that as windows excuse as to why a unprotected windows box will get 629 viruses and trojans a day.

OSX and Linux still are far better than windows in regards to security. Windows is getting better, but it's still a major mess.

Also, is this trojan a self infecting setup or did the infections get there because of moron users clicking on everything they see pop up. NO operating system security on the planet can defend against the idiot at the keyboard.

Re:Macs don't get hacked (0)

Anonymous Coward | more than 2 years ago | (#39584315)

Well, you can just remove the network driver from the kernel, and voilà!!!!

Re:Macs don't get hacked (1)

Lumpy (12016) | more than 2 years ago | (#39584359)

Far easier to hide the mouse and keyboard.

Re:Macs don't get hacked (4, Informative)

UnknowingFool (672806) | more than 2 years ago | (#39584499)

From what I read, the payload is delivered when you visit certain sites, but as a Trojan, it asks for and requires the user to enter their admin password to install.

Re:Macs don't get hacked (0, Troll)

ILongForDarkness (1134931) | more than 2 years ago | (#39583993)

They also don't crash they just get sad.

Re:Macs don't get hacked (4, Funny)

ByOhTek (1181381) | more than 2 years ago | (#39584073)

... I tried to find where I should insert the Prozac. I tried the optical disc tray, but that didn't fix it. How do I unsad my Mac?

Re:Macs don't get hacked (0)

Anonymous Coward | more than 2 years ago | (#39584307)

Sell it to someone who's less of a prick? Just a guess...

Re:Macs don't get hacked (5, Funny)

fermion (181285) | more than 2 years ago | (#39584027)

My surprise is that there are 600K running macs to infect. I thought macs were just bought by rich people to display in there offices while they really used a PC. Clearly this article is propaganda.

Re:Macs don't get hacked (5, Funny)

crazyjj (2598719) | more than 2 years ago | (#39584075)

No, college kids love them. They use them to tweet out messages encouraging their fellow students to fight evil corporations.

Re:Macs don't get hacked (0)

rudy_wayne (414635) | more than 2 years ago | (#39584137)

Backdoor.Flashback.39 has infected over 600,000 Macs

And millions of PC users are laughing and saying "we told you so".

Artie MacStrawman (0)

Anonymous Coward | more than 2 years ago | (#39584167)

Is it just wrong if I laugh a little?

Hello Artie MacStrawman, how are you today?

Re:Macs don't get hacked (2, Informative)

Anonymous Coward | more than 2 years ago | (#39584341)

Let me laugh :

PC's wear biohazard suits, Macs don't need no biohazrd suits [youtu.be]

Mac versus Pc viruses [youtu.be]

I'm a MAC and I don't need no fucking antivirus/malware/biohazard suit you wippersnapper snotty little PC.

---> Pc walks away laughing at MAC. Look dady he's MAC and he's been zombiefied.

Re:Macs don't get hacked (0, Troll)

bmo (77928) | more than 2 years ago | (#39584395)

Because now that Macintoshes get trojans, Windows is suddenly secure, because schadenfreude secures machines, right?

Nobody ever claimed Macintoshes were bulletproof. But they're still a lot less of a target than Windows. Remove the beam from thine eye before pointing out the mote in others'.

--
BMO

Re:Macs don't get hacked (1)

Anonymous Coward | more than 2 years ago | (#39584441)

Is it just wrong if I laugh a little?

Over the years, many people have speculated on what separates us from the animals. Some have said use of tools, others have said language. But the real thing is much more subtle.

It is schadenfreude. So laugh it up, fuzzball. That is the only thing that make you human.

How to check (2, Interesting)

Anonymous Coward | more than 2 years ago | (#39583851)

Is there any way to check whether your Mac is infected?

Re:How to check (1)

wilgibson (933961) | more than 2 years ago | (#39583933)

My thoughts exactly. I know dozens of Mac users that wouldn't have a clue how to check because they've lived under the false impression that Macs are completely invunerable.

Re:How to check (2, Informative)

alphatel (1450715) | more than 2 years ago | (#39583945)

Macs don't get viruses, so there is no reason to check for them, so there is no "app for that".

Re:How to check (-1, Offtopic)

Lumpy (12016) | more than 2 years ago | (#39584203)

Since this is a trojan, checking for a virus would not work.

How to tell whether you are infected (5, Informative)

daveschroeder (516195) | more than 2 years ago | (#39583965)

See here: http://www.f-secure.com/v-descs/trojan-downloader_osx_flashback_i.shtml [f-secure.com]

Summary:

If you open Terminal and run

defaults read /Applications/Safari.app/Contents/Info LSEnvironment

and

defaults read ~/.MacOSX/environment DYLD_INSERT_LIBRARIES

and see:

The domain/default pair of [...] does not exist

for each, you are not infected. Also, if you run nearly any AV software or other tools like Little Snitch, you are not infected as it checks for these and deletes itself if found.

Also, no sensible person ever said "Macs don't get [infected/hacked/whatever]." It just a lot less likely, and has historically been, even accounting for differences in marketshare. As Mac share increases, it only makes sense they'll be targeted more with malware. But Macs, as a whole, are indeed "more secure", in that still, to this day, you are far less likely — even with the complacency or, if you prefer, ignorance, of Mac users — to become impacted with any malware than with Windows. Maybe someday this will change. But it's never been true to date, and isn't true now. The fact that single instances of Mac malware get so blown out of proportion, STILL, is ridiculous. (Though, Apple could do better with patching known vulnerabilities in Java on Mac OS X...)

The same advice and best practices for avoiding malware apply to Macs as well as any other desktop platform, and Mac users would do well to run current AV software. The Sophos free edition [sophos.com] is nice.

Re:How to tell whether you are infected (5, Funny)

ArhcAngel (247594) | more than 2 years ago | (#39584093)

Summary:

If you open Terminal and run

This just offended or confused 90% of the MAC users

Re:How to tell whether you are infected (1)

kthreadd (1558445) | more than 2 years ago | (#39584189)

Oh, 10 % not offended. I'm impressed!

Re:How to tell whether you are infected (4, Insightful)

Sponge Bath (413667) | more than 2 years ago | (#39584233)

This just offended or confused 90% of the MAC users

If you think 90% of Windows users are any less confused by the "Command Prompt", you have not had to give them technical support.

Re:How to tell whether you are infected (5, Insightful)

apcullen (2504324) | more than 2 years ago | (#39584171)

Excellent post.

However, I have to disagree with you on one point:

The fact that single instances of Mac malware get so blown out of proportion, STILL, is ridiculous.

I don't think it's blown out of proportion, and, rather than being ridiculous, I think it's essential. Mac users generally share a believe that their computer "just works" and that they don't have to be concerned with-- or even aware of-- security. For the good of the community, that should be corrected.

Re:How to tell whether you are infected (-1)

Anonymous Coward | more than 2 years ago | (#39584209)

no sensible person ever said...You just excluded about 99% of Mac Users. If I had a dime for everytime a Mac person has made that exact statement to me, or even worse and said Mac can't get infected/hacked/whatever, I would be living on my own private island somewhere.

Then there is the whole other argument about if how much Mac has been relying on security through obscurity and that does not equal secure. It equals false sense of security.

Re:How to tell whether you are infected (3, Interesting)

68kmac (471061) | more than 2 years ago | (#39584221)

Also, no sensible person ever said "Macs don't get [infected/hacked/whatever]."

Actually, Apple writes [apple.com] quite a few things that make me (and I'm a Mac user) cringe. For example:

Download with peace of mind.

Innocent-looking files downloaded over the Internet may contain dangerous malware in disguise. That’s why files you download using Safari, Mail, and iChat are screened to determine if they contain applications. If they do, OS X alerts you, then warns you the first time you open one.

Yeah, when you download a file and click on it, a dialog pops up that tells you that the file was downloaded from the internet and may be dangerous. That's all. And after you had to click on that a couple of times for harmless files of all sorts, you just click on it automatically. And, boom, trojan infection ...

Re:How to tell whether you are infected (2, Funny)

Anonymous Coward | more than 2 years ago | (#39584237)

You know, when you claimed that "no sensible person ever said, "Macs don't get infected"...", I got a little ticked off, because based on my experience, it seemed that NEARLY ALL Apple users had claimed this.

Then I realized, we're both right.

Re:How to tell whether you are infected (1)

Dinghy (2233934) | more than 2 years ago | (#39584255)

Also, no sensible person ever said "Macs don't get [infected/hacked/whatever]." It just a lot less likely, and has historically been, even accounting for differences in marketshare.

If we're talking historically, most people who get involved with the OS arguments aren't sensible to begin with.

Re:How to tell whether you are infected (0)

Anonymous Coward | more than 2 years ago | (#39584347)

Also, no sensible person ever said "Macs don't get [infected/hacked/whatever]."

Then apparently NONE of my Mac users, in a department of ~3000 people (of whom Mac users comprise about 15% last I checked) are sensible. But then again, I figured that out when they're bring a broken Mac to me, ask me to fix it, and while I was fixing their computer they would regale me with stories about how much better it was than PCs because they never broke and 'just worked'...

I've had that pattern play out so many times, the only way I've stayed sane is to mentally parse 'it just works' not the intended 'it SIMPLY works' but rather 'it BARELY works'.

Re:How to check (0)

Anonymous Coward | more than 2 years ago | (#39583983)

Check here: http://www.f-secure.com/v-descs/trojan-downloader_osx_flashback_i.shtml

Re:How to check (0)

Anonymous Coward | more than 2 years ago | (#39584123)

There's stuff on CNET and F-Secure websites that you can get to with a simple Google search "Flashback Trojan Detection". Checked about 10 Macs across family, friends and associates, and no one had it. Everyone who went through a Mac training had it beaten into them by the Genius Bar folks that they NEVER should accept an authorization to install software unless they explicitly started it themselves. Making it look like a Flash install is sneaky - because they pop-up uninvited. I've got everyone I know to not install Flash on Safari, and only use the one packaged with Chrome. I insist that they get the upgrades off the Chrome site directly.

Re:How to check (1)

catchblue22 (1004569) | more than 2 years ago | (#39584279)

Making it look like a Flash install is sneaky - because they pop-up uninvited. I've got everyone I know to not install Flash on Safari, and only use the one packaged with Chrome.

Ah so. The trojan actually presents an install dialogue? Funny how this isn't mentioned in TFA, which to me sounds like it is tinged with propaganda. Macs aren't perfect, but the simple feature of asking the user for his or her password at the right time is likely worth more for security than many of the subtle kernel protections referred to here.

Re:How to check (2)

jo_ham (604554) | more than 2 years ago | (#39584319)

Yes.

From instructions here: http://www.f-secure.com/v-descs/trojan-downloader_osx_flashback_i.shtml [f-secure.com]

It basically boils down to running two commands in Terminal:

defaults read /Applications/Safari.app/Contents/Info LSEnvironment
defaults read ~/.MacOSX/environment DYLD_INSERT_LIBRARIES

If both of those come back as "The domain/default pair ... does not exist" then you are ok.

Although even easier, if you have MS Office 2008, MS Office 2011 or Skype installed you are not infected - the Trojan checks for these (for some reason) and deletes itself if it finds them

Similarly, it will check for the following directories, and if it finds them it stops installing and self-deletes: /Library/Little Snitch /Developer/Applications/Xcode.app/Contents/MacOS/Xcode /Applications/VirusBarrier X6.app /Applications/iAntiVirus/iAntiVirus.app /Applications/avast!.app /Applications/ClamXav.app /Applications/HTTPScoop.app /Applications/Packet Peeper.app

A threat, certainly (and Apple closed the Java hole just this week), but it's trying to fly under the radar as much as possible at the moment for whatever reason.

But Macs... (-1, Troll)

Daniel_is_Legnd (1447519) | more than 2 years ago | (#39583861)

But Macs don't get viruses. Right? Right guys?

Re:But Macs... (0)

Anonymous Coward | more than 2 years ago | (#39584153)

Only anti-Mac idiots ever say that.

Welcome to the club, Daniel.

Re:But Macs... (2)

geogob (569250) | more than 2 years ago | (#39584343)

I hope for your sake that you're not living in Arizona.

Re:But Macs... (1)

grub (11606) | more than 2 years ago | (#39584433)

This is a drive-by trojan, not a virus.

Fight over the definition! (3, Insightful)

danbuter (2019760) | more than 2 years ago | (#39583871)

It's only been a matter of time. Many people think that since the common knowledge is that Macs don't get viruses, they are immune to everything else (including trojans). Only the computer nerds differentiate between viruses, trojans, and malware you get by clicking on something on the internet.

Re:Fight over the definition! (1)

neokushan (932374) | more than 2 years ago | (#39584443)

Trojans and virsuses, at least their definitions, only differentiate the behaviour and are not mutually exclusive.

A virus is "a segment of self-replicating code planted illegally in a computer program, often to damage or shut down a system or network." Source: http://dictionary.reference.com/browse/virus?s=t [reference.com]

A trojan is a program that gives remote access to a compromised machine. There's nothing to say that Viruses and Trojans can't do both. Of course, many people will say that the difference between virsuses and Trojans are that Trojans do not spread by themselves, but at the same time there's nothing to say that a Virus has to grant remote access to any machine it infects - so does that mean that a trojan is a virus that doesn't spread? That wouldn't make sense, given the name.

Viruses spread by themselves, they are self replicating. A virus that has no other payload other than to spread itself further is still a virus.

A Trojan grants remote access to a machine. It may download other malware, but the principal is there - it gives compromised administrative access. If it didn't give this access, it wouldn't be a Trojan, it would be some other form of malware.

So what if you have a virus that downloads other viruses, or grants remote access? Or a trojan that spreads itself? Wait, aren't they now the same thing?

Now what was that someone said (-1)

Anonymous Coward | more than 2 years ago | (#39583887)

Ahhh yes thats it Mac is safe will never be hacked but linux is unsafe Hummmmmmmmmm yes well anyone on a mac with any sense will jump ship PDQ i have always called them Macintoys seems it was right

tis to be hoped it makes the shrot step to the iP* devices and creams them up as well

not that i dont like apple you understand but this is some of the best news so far this year

no more Spirit of Steve protection? (2, Informative)

alen (225700) | more than 2 years ago | (#39583893)

it used to be magic pixie dust protected Macs but in the last 6 months i've been using the Spirit of Steve

time to find some new protection

Re:no more Spirit of Steve protection? (1)

NatasRevol (731260) | more than 2 years ago | (#39584179)

Java update does it.

It's not apple's fault... (3, Informative)

ilsaloving (1534307) | more than 2 years ago | (#39583907)

The users just surfed wrong.

But seriously, Apple screwed the pooch really good on this one. Looks like it's time that their corporate culture goes through the same "trustworthy computing" initiative that Microsoft went through over the last few years.

on a tangent (0, Offtopic)

ILongForDarkness (1134931) | more than 2 years ago | (#39584059)

Where did the term "screwing the pooch" come from? Was someone's mistake way back in the day getting caught screwing the pooch and the name stuck? Reminds me of an old scottish joke.

American of scottish ancentory goes to Scottland for a trip. While there sees a nice pub and goes in and starts chatting with the bar keep.

barkeep "I'm McGregor I've been running this pub for twenty years. But do they call me McGregor the barkeep. Nooo."

yank: "Oh this is really nice brickwork on this building.

barkeep "Aye. I built this bar with me own two hands. But do they call me Mc Gregor the stone mason. Noooo."

yank "Oh and the fence out front that is very colourful."

barkeep "Aye. I built that too. But do they call my McGregor the fence mender. Nooo. But you fuck one goat ..."

Re:It's not apple's fault... (1)

benjfowler (239527) | more than 2 years ago | (#39584065)

I seriously doubt it. Apple are far too addicted to secrecy and lack of transparency for that to happen.

Re:It's not apple's fault... (1)

Lumpy (12016) | more than 2 years ago | (#39584231)

It's their own fault, instead of using sun java, they used their own java and that has caused headaches for nearly a decade as they have ALWAYS been behind.

Re:It's not apple's fault... (1)

ilsaloving (1534307) | more than 2 years ago | (#39584265)

Why IS that anyway? Was it because Apple insisted on rolling their own, or because Sun wouldn't make one?

Re:It's not apple's fault... (1)

jo_ham (604554) | more than 2 years ago | (#39584355)

The latter, or at least because when you roll your own you can control what changes or updates happen on your own terms.

Patched Already? (0)

Anonymous Coward | more than 2 years ago | (#39583921)

I noticed there was a Java update the other day, and the article seems to indicate this was indeed patched on April 3rd.

I don't bother running any sort of virus/trojan detection on my mac currently. What do folks recommend?

Conspiracy or hoax? (-1)

Anonymous Coward | more than 2 years ago | (#39583937)

This is either a conspiracy on the part of jealous companies like Microsoft and IBM or it is a hoax perpetrated by the notoriously anti-Apple media. Either way, it looks like the slashtards have already fallen for the propaganda and are buying it hook line and sinker. Well go on using your idiot-boxes running windoze or linsux, while those of us with more than two brain cells to rub together will continue to use the best of the best.

Re:Conspiracy or hoax? (1)

Anonymous Coward | more than 2 years ago | (#39584037)

while those of us with more than two brain cells to rub together will continue to use the best of the best

See, I question if you really do have those two brain cells.
Because most people who do? Know that there is no "best of the best".
As much as most slashdot readers love to hate on windows/apple and love on linux, the only "best" operating system is the one that suits the customers needs the most.
For you? It's mac. And that's great! I'm glad you found an OS you're happy with.
But that does not prove true for everyone.

Also, immediately dismissing the issue as a "hoax" before even reading the article isn't a sign of intelligence.
Especially so if you use a mac and should probably learn how to check if you're infected. ;P

Detection and Removal Info (2, Informative)

Anonymous Coward | more than 2 years ago | (#39583949)

http://www.f-secure.com/v-descs/trojan-downloader_osx_flashback_i.shtml

Check if you're infected (2, Informative)

Anonymous Coward | more than 2 years ago | (#39583971)

Gizmodo's article shows how to determine if your machine is infected. http://www.gizmodo.co.uk/2012/04/mac-flashback-trojan-find-out-if-youre-one-of-the-600000-infected/

now (4, Interesting)

ILongForDarkness (1134931) | more than 2 years ago | (#39583973)

Can we please end the madness where people claim that since an OS is a variant of unix it can't get a virus? Users do stupid things, stupid things have consequences, doesn't matter the make of the car you are driving if you are a drunk moron soon enough you'll crash into something. Similarly if you are a horny moron eventually you'll browse to a site that will find a way to get you to install some junk that will trash your computer all in the name of some desperately needed friction motivation.

It's their only "weapon" & 'marketing strategy (0)

Anonymous Coward | more than 2 years ago | (#39584019)

They just don't get it, & by the same token, they'll NEVER end it (but it will end them and their OS of choice taking the top spot). Lies/FUD b.s. never go too far before the cat gets out of the bag and folks wise-up to it is why! In the end? That practice, destroys, and apparently, the marketshare figures show that much. Anyone doesn't like that, "argue with the numbers", it's that simple.

Re:It's their only "weapon" & 'marketing strat (0)

Anonymous Coward | more than 2 years ago | (#39584127)

It is their chief weapon, fear and surprise...surprise and fear...fear and surprise.... Our two weapons are fear and surprise...and ruthless efficiency.... Our *three* weapons are fear, surprise, and ruthless efficiency...and an almost fanatical devotion to the Pope.... Our *four*...no... *Amongst* our weapons.... Amongst our weaponry...are such elements as fear, surprise.... I'll come in again.

Re:It's their only "weapon" & 'marketing strat (0)

Anonymous Coward | more than 2 years ago | (#39584161)

NOBODY expects the Spanish Inquisition!

Re:now (1)

Swampash (1131503) | more than 2 years ago | (#39584119)

Looks to me like this was entirely Apple's fault. It was a known exploit for Java, and Apple just didn't get around to releasing a security update with a patched Java.

Re:now (1)

jo_ham (604554) | more than 2 years ago | (#39584393)

The Java exploit was only one of a few ways to get infected by this trojan. That hole is now closed.

Either way, having MS Office or Skype installed renders you immune to it for the time being (seriously - the trojan self deletes if it detects those apps are installed, along with several other monitoring apps such as Little Snitch or various virus scanner tools).

Re:now (0)

Anonymous Coward | more than 2 years ago | (#39584149)

In Soviet California, Google car drives you!

Re:now (2)

betterunixthanunix (980855) | more than 2 years ago | (#39584169)

Can we please end the madness where people claim that since an OS is a variant of unix it can't get a virus?

It does not help that Apple itself is telling people that their OS will protect them from malware:

https://www.apple.com/macosx/what-is/security.html [apple.com]

Re:now (0)

Anonymous Coward | more than 2 years ago | (#39584317)

So protect from now means immune?

Re:now (1)

ilsaloving (1534307) | more than 2 years ago | (#39584241)

That's because they generally *don't* get VIRUSES (see what I did there?). The security settings on unix based systems are usually more strict than on windows machines.

That being said, there is no system in the world that can block a TROJAN (which is what this is) because trojans don't target computers, they target the users. It would be like someone living in Fort Knox, but then getting robbed blind because someone came by and said, "I'll give you free pr0n if you let me in!"

That being said, there is no excuse for Apple permitting a critical exploit such as this to remain unpatched for so long.

mac trojan.... (0)

Original Poster (2604709) | more than 2 years ago | (#39583995)

So It Has Come To This

Haha (2, Funny)

Anonymous Coward | more than 2 years ago | (#39584021)

HAHA HAHAHHAHAHAHHA Hahahahahahhaahha

hahahahahhahahhahahahhahahahh

HAHAHAHAHAHAHahahahahahahaha

Re:Haha (0)

ArhcAngel (247594) | more than 2 years ago | (#39584177)

Gotta say this is what I felt when I heard the news ;)

Re:Haha (0)

jo_ham (604554) | more than 2 years ago | (#39584479)

What, that another trojan has been found on OS X?

Welcome to several years ago. How is this new? The fact that a trojan being discovered is headline news? I guess.

Just to clarify: no OS is invulnerable to malware, especially trojans that rely on social engineering (among other infection routes). Add this one to the small pile of malware found on OS X, like that trojan that claimed to be an Office installer but instead deleted your home folder, or the one claiming to be "mac anti virus" that uses the classic "your system is infected! click here to solve the problem!" graphics on webpages, except with the use of browser sniffing to serve up Mac-specific UI graphics instead of Windows ones.

Either way, I'll just handle the one or two trojans that show up now and again rather than wading through the sea of malware and viruses on Windows. Still, saying that, Windows has got *a lot* better about that recently - funnily enough by working towards the security model used by OS X and other unix OSes. Not a coincidence, I think.

600,000? (1, Troll)

halfEvilTech (1171369) | more than 2 years ago | (#39584113)

So what you are telling me is they managed to get all of them?

Is it that time of year again? (0)

Anonymous Coward | more than 2 years ago | (#39584257)

I don't know how I'll ever sleep at night knowing that there's always that one Mac virus doing the rounds. But I know my Windows ME box hooked directly to my cable modem will always be safe.

Re:Is it that time of year again? (0)

Anonymous Coward | more than 2 years ago | (#39584449)

Shhhh

Sarcasm doesn't work here.

Yet another Drive By Attack (2, Insightful)

FlyingGuy (989135) | more than 2 years ago | (#39584277)

This is the problem with the web. When the first DBI ( Drive By Infection ) happened the code that allowed this sort of thing to happen was not ripped out "with extreme prejudice" and in an old /. post I asked why and there was damn little in the way of a response.

So I ask once again, why has this not been fixed? Why are there so god damn many ways to do this and how come that ability has not been removed?

It seems to me that in the insanity of try to make the browser everything instead of a piece of software that renders text, there is nothing but vulnerability after vulnerability and I really don't see any end in sight since in trying to make the browser do everything it needs more and more access to the core functions of the OS it is running on. How can this not lead to more and more attack vectors?

Hey! The excuse for this Apple fail.. (1)

landofcleve (1959610) | more than 2 years ago | (#39584287)

Can't be laid at the feet of Microsoft.

Re:Hey! The excuse for this Apple fail.. (0)

Anonymous Coward | more than 2 years ago | (#39584413)

Can't be laid at the feet of Microsoft.

Actually, it is entirely at the hands of Apple.

Apple made a deal with Sun/Oracle that they would not release java updates - Apple has to do it instead.

So when new java security flaws are discovered & announced (which is very frequently), it will take a long time for Apple to get around to releasing a new patched java. Until then, macs are vulnerable to an an easy, well-documented exploit.

Let this be a lesson (1)

Rambo Tribble (1273454) | more than 2 years ago | (#39584289)

Mac users have long embraced a culture of denial; "I'm safe, I use a Mac." Gloating Linux users should take note. Yes, Linux is among the best, but it isn't invincible. Due diligence in firewalls and vetting app sources is a requirement on ALL platforms. (Yes, you too, BSD folks.)

OH for gawd's sake, this is insane. It's a trojan! (0, Troll)

Catbeller (118204) | more than 2 years ago | (#39584391)

TROJAN. Trojans are installed by users who are faked out by a web page that demands they install a program using an admin-enabled account. There is no protecting an operating system from a person who installs strange programs on demand.

It is not a virus. Viruses infect Windows machines on bootup, through flaws in the OS, opening mail, spreadsheets, or scratching yourself, and probably on exposure to sunlight or eating Splenda. There are MILLIONS of viruses in Windows. And trojans. They exist because Windows had its bloodstream exposed in '95 when Gates and company welded the OS file system to the IE browser, making Windows a target of opportunity for decades.

There has not been a single virus on the Mac in the wild, ever. And it's not for lack of trying: the first black hat to release such a thing gets mad props forever, not to mention the thanks of the various Slavic mafias.

You can't guard against ignorance, laziness, and lack of experience. Those things enable trojans to be installed, and always will be.

Macs still Just Work. That's because it's Unix with a fancy hat on.

It doesn't get PC Viruses (0)

Anonymous Coward | more than 2 years ago | (#39584517)

I love the Apple marketing [apple.com] on this one. "A Mac isn’t susceptible to the thousands of viruses plaguing Windows-based computers. That’s thanks to built-in defenses in Mac OS X that keep you safe, without any work on your part." No, it's susceptible to Java and Office [pcmag.com] trojans. It's not our fault!

I recently attend an iOS for business event where the Senior Apple engineer declared that "even if you want to write a virus for iOS you can't" and "there is zero malware in the app store". That sounded like a challenge to the hacktivist community. Seriously, denial is the first step, and Apple needs to get their fanboys lining up to learn about the vulnerability and threats to the Apple community in addition to plopping $800 down for the latest iWhatever.

Load More Comments
Slashdot Login

Need an Account?

Forgot your password?