Thursday, April 5, 2012

550,000 Macs infected by Flashback Trojan

apple mac book
Everyone knows that Macs aren’t immune to malware infections at this point. Even with an operating system that’s as secure as OS X appears to be, the bad guys have gotten very good at social engineering in recent years. As long as they can trick users into clicking things they really shouldn’t click, there’s no way to bullet proof Macs (or any other system for that matter).
So just how big a problem is malware on Macs?
Bigger than you might think, says Russian security firm Dr Web. Their researchers have uncovered a sizeable Mac botnet, with around 550,000 compromised systems currently in the clutches of its command and control servers.
As is the case with most Mac malware seen to date, Flashback makes its way onto a users’ system by way of compromised websites and a drive-by attack utilizing a Java applet. The applet exploits one of two vulnerabilities that have since been patched by Apple. Attacks were first detected in February, and they’ve clearly been very effective in their short time in the wild.
Apart from the alarming number of infections, Dr Web also notes that some of the compromised web pages that delivered the Trojan belong to D-Link. That’s a pretty big black eye for a network hardware vendor, particularly one who offers a range of VPN and Firewall appliances.
While a half-million strong botnet is obviously not a good thing, are all those infected Macs really worth getting riled up about? Apple is selling four to five million Macs a quarter now, so a few hundred thousand machines is a drop in the bucket.
The real problem here isn’t Apple or OS X, obviously. It’s a combination of those annoying, insecure plug-ins we love to hate and users who jumped to Mac expecting a free ride when it came to responsible Internet use after falling into the same traps on their Windows systems.