An amazing 600,000 Apple computers were struck and conquered by the Flashback Trojan, Dr. Web from Russia claims. It infiltrates as a malware and then converts the machine into a botnet. A botnet is a network of machines vulnerable to the control of someone other than it’s users. What is worse is that more than half of these infected Macs reside in the U.S, according to Dr. Web’s estimates.
As could be expected, Apple responded with a security patch. Without the patch, your system lies vulnerable or at worst infected already. So do not wait to patch your Apple.
Flashback made itself known by disguising as a simple update on Flash Player. Accepting the request put the malware on the unsuspecting user’s computer, followed by a deactivation of selective security features. As if that wasn’t enough, an improved form of the malware was released that compromised the computers through a hole in Java, permitting it to slip in from fake websites. An ID was then transmitted to the hacker’s server to track the infected machine. It allowed for a kind of remote control, forming a botnet. All of these machines came under a hypnotic control of the hackers who built Flashback and upgraded it to a Trojan.
The botnet was discovered by Dr. Web, who claims to have hijacked it from the criminals. Are we sure Dr. Web did not create the malicious code and build the botnet? Dr. Web, a Russian company, claims that most of the IP’s of the infected machines were in English speaking countries, such as the U.S., U.K., Australia, and Canada. Digging a bit deeper, it was clear that 274 grief stricken Apple owners use their computers the home city of Apple itself, Cupertino California. Perhaps the owners of these Cupertino infected machines are Apple employees.
In light of the hole in Java, halfhearted efforts were made by Oracle, makers of Java, to patch up Java with a little fix on St. Valentine’s Day – how romantic. Apple users’ heart was broken, however, since they receive their fixes for Java straight from Apple. They had to wait nearly two months, until last Wednesday.
If you are curious about whether or not your computer has been infiltrated, you can find details at F-Secure on how to detect it and the method for its safe removal. Apple’s operating system is designed to prevent many requests without first notifying the user of such actions. However, as security specialists quip, this latest Trojan proves Apple’s machine is vulnerable. I guess we can chalk it up to a myth that Apple computers cannot be successfully hacked by malicious code. We all knew it was only a matter of time before malware would be written targeting Apple.
Apple refused to comment on the matter, though they have had two months to think about a reply. Perhaps they believe a fix that is 8 weeks past due is apology enough to their customers. I doubt Apple’s customers will feel the same way. With its cultist following, though, perhaps they will.