Mac Botnet Has Infected Over Half a Million Computers
For some, one of the reasons to get a Macintosh computer was that there were few nasty viruses or other malicious junk floating around that could affect your machine. However, this kind of attitude can only lead to trouble and now the Russian security company Doctor Web says that one particular trojan called Backdoor.Flashback.39 has infected over 550,000 Apple computers.
In a botnet, infected computers receive commands via the Internet from malicious operators. The collective power of these infected machines can be used to bring down websites, send spam en masse, or whatever the botnet’s operator has in mind. For instance, one version of the Flashback trojan modifies the content of webpages viewed by the user.
The Flashback trojan has been around for a while, and has seen various permutations along the way. According to Doctor Mac, computers infected by one variant of the trojan are concentrated in the United States — about 60% of the total infection. The next largest area is Canada representing 20% of the total infected computers, and the U.K. with 13%.
Until recently, the Flashback variant took advantage of a loohole in Java which has was patched by Apple on April 3rd. If you keep your computer up to date, you are protected from this nasty. Unfortunately, infection begins after computers visit any one of four million malicious websites, which then prompts the user to enter their username and password while posing as a Flash installer. Flashback is also clever enough to look for antivirus software before installing itself on computers, and in the past was able to lobotomize Apple’s built in mal-ware protection.
Apple users can receive an update from Apple which patches the Java vulnerability by selecting “software update” from the Apple menu, with more information about the Java patch available here. However, these infection figures are a reminder that no one’s computer is entirely safe by nature, and that running some kind of protective software may be a worthy investment.
(Doctor Web via Ars Technica)
- Zeus botnet taken out by law enforcement and Microsoft
- Microsoft also helped take down the Kelihos botnet
- FBI hijacks and takes down the Coreflood botnet
- Learn more about the terrifying menace of botnets
Have a tip we should know? tips@themarysue.com