Apple working on software to detect and remove Flashback trojan

Posted in macOS; edited January 2014


Apple revealed on Tuesday that it is currently developing software to detect and remove the Flashback malware that has infected an estimated 600,000 Macs worldwide.



The Cupertino, Calif., company made mention of the upcoming tool in a document regarding the malicious software, as noted by Jim Dalrymple of The Loop. The document also pointed users to last week's Java update that patched the security flaw that the virus was exploiting.



"In addition to the Java vulnerability, the Flashback malware relies on computer servers hosted by the malware authors to perform many of its critical functions. Apple is working with ISPs worldwide to disable this command and control network," the company said.



Apple also advises Macs running OS X 10.5 or earlier to disable Java in their browser preferences.



The Flashback trojan horse was first discovered last September. The malware posed as a phony Adobe Flash Player installer in order to trick users into installing it. At the time, a security first categorized the threat as "low." The current version of Flashback used the Java vulnerability to create a botnet that could mine personal information from unsuspecting users.



Evidence of Apple's efforts to contact ISPs surfaced earlier on Tuesday when a Russian security firm revealed that the company had targeted one of its servers as being "involved in a malicious scheme." Dr. Web chief executive Boris Sharov said the server was "not doing any harm to users" and was being used to monitor the spread of the virus.



Sharov noted that the relative rarity of Apple security issues meant that Dr. Web hadn't established close ties with the company. "For Microsoft, we have all the security response team's addresses," he said. "We don't know the antivirus group inside Apple."











Last week, a Dr. Web analyst claimed that 600,000 Macs around the world had been infected by the Flashback malware. 56.6 percent of those infections are reportedly located in the U.S.






Comments

  • Reply 1 of 48
    Quote:
    Originally Posted by AppleInsider View Post


    [...]





    The Flashback trojan horse was first discovered last September. The malware posed as a phony Adobe Flash Player installer in order to trick users into installing it.[...]




    There's your problem, there. Nobody should install Flash. Period.
  • Reply 2 of 48
    tallest skil Posts: 43,350 member
    Quote:
    Originally Posted by Splash-reverse View Post


    There's your problem, there. Nobody should install Flash. Period.



    But it's a Java problem?



    Fortunately, Apple already has software that takes care of it.



    It's called LION. Neither Flash nor Java come with Lion.
  • Reply 3 of 48
    As long as Apple distributes a version of Java, it must live up to its responsibilities to patch that version promptly with security updates. Patching a known security vulnerability 2 months after Oracle did is unacceptable.
  • Reply 4 of 48
    Look for Apple to introduce zero tolerance in Mountain Lion.
  • Reply 5 of 48
    ddarko Posts: 22 member
    Quote:
    Originally Posted by Tallest Skil View Post


    But it's a Java problem…



    Fortunately, Apple already has software that takes care of it.



    It's called LION. Neither Flash nor Java come with Lion.



    That's ridiculous. Why are Java updates distributed through the built-in Mac OS software update mechanism? Java may be third party software and no longer included in the latest Mac OS but it continues to be accorded special status by Apple. How did Apple distribute the Java updates that close this security hole? Not by telling you to go to Oracle to download the update but sending it out through the OS software update.



    Quote:
    Originally Posted by JavaCowboy View Post


    As long as Apple distributes a version of Java, it must live up to its responsibilities to patch that version promptly with security updates. Patching a known security vulnerability 2 months after Oracle did is unacceptable.



    Completely agree. Just as Microsoft is the keeper and bears responsibility for the security of the Windows platform, so Apple bears an equivalent obligation to work with third party software vendors - especially big ones like Oracle, run by Steve Jobs' best friend - to maintain the security of the Mac ecosystem. Its responsibility extends beyond the software it writes. Even John Gruber has now acknowledged that Flashback is an "epidemic" (because its infection rate is as big/bigger than the infection rate of the Windows Conficker trojan) and a genuine problem. Pretending the "solution" to security holes is not to run software is ridiculous. Security holes are inevitable so they have to be patched quickly when found. Hopefully this will be a bitter lesson for Apple to beef up their security practices.
  • Reply 6 of 48
    kpom Posts: 602 member
    This is a welcome move, but Apple should have patched the flaw weeks ago, and barring that, made today's announcement last Friday when the story first broke. People expect Macs to not need anti-malware software, partly because of Apple's own marketing, so they need to get the message out. Either we need to start using third party software, or Apple can pledge to take care of the issues itself. Either way, people need to know.
  • Reply 7 of 48
    razorpit Posts: 876 member
    Quote:
    Originally Posted by JavaCowboy View Post


    As long as Apple distributes a version of Java, it must live up to its responsibilities to patch that version promptly with security updates. Patching a known security vulnerability 2 months after Oracle did is unacceptable.



    Amen!



    Apple is doing good stuff now to fix the problem but these fixes are about 2 months too late. Apple owns this one. And to think I finally got my parents to buy a Mac last month...
  • Reply 8 of 48
    alienzed Posts: 393 member
    Computers will never be safe when people who don't know how to use them are in control. It'd be like putting a preteen at the wheel of a truck, what do you expect is going to happen?
  • Reply 9 of 48
    Oracle is currently working on a Mac version of Java 7 for OS X, but the end user version won't be ready until the fall. Currently, only Apple distributes any version of Java for OS X.



    Quote:
    Originally Posted by ddarko View Post


    That's ridiculous. Why are Java updates distributed through the built-in Mac OS software update mechanism? Java may be third party software and no longer included in the latest Mac OS but it continues to be accorded special status by Apple. How did Apple distribute the Java updates that close this security hole? Not by telling you to go to Oracle to download the update but sending it out through the OS software update.







    Completely agree. Just as Microsoft is the keeper and bears responsibility for the security of the Windows platform, so Apple bears an equivalent obligation to work with third party software vendors - especially big ones like Oracle, run by Steve Jobs' best friend - to maintain the security of the Mac ecosystem. Its responsibility extends beyond the software it writes. Even John Gruber has now acknowledged that Flashback is an "epidemic" (because its infection rate is as big/bigger than the infection rate of the Windows Conficker trojan) and a genuine problem. Pretending the "solution" to security holes is not to run software is ridiculous. Security holes are inevitable so they have to be patched quickly when found. Hopefully this will be a bitter lesson for Apple to beef up their security practices.



  • Reply 10 of 48
    ddarko Posts: 22 member
    Quote:
    Originally Posted by JavaCowboy View Post


    Oracle is currently working on a Mac version of Java 7 for OS X, but the end user version won't be ready until the fall. Currently, only Apple distributes any version of Java for OS X.



    Thanks for correcting my mistake. That only strengthens your point that Apple bears responsibility for this massive screwup.
  • Reply 11 of 48
    tbell Posts: 3,146 member
    Quote:
    Originally Posted by ddarko View Post


    Thanks for correcting my mistake. That only strengthens your point that Apple bears responsibility for this massive screwup.



    I really don't see how. Sure, Oracle issued a patch a while ago, but Apple isn't going to just release the update through its servers without testing the update.



    Moreover, the extent of the issue has only come to light recently when a third party security expert made its findings public. Apple has always evaluated threats before reacting. Nine out of ten times it is the right approach. Time will tell here.



    Although there appears to be a significant number of Macs infected (I know nobody personally), there has been no real damage to users. The malware is merely being used for click link purposes, meaning companies like Google are likely the real victim. Maybe Apple is behind the malware.
  • Reply 12 of 48
    felix01 Posts: 190 member
    Quote:
    Originally Posted by Tallest Skil View Post


    But it's a Java problem?



    Fortunately, Apple already has software that takes care of it.



    It's called LION. Neither Flash nor Java come with Lion.



    How many Mac users do you suppose there are who never access a YouTube video (which requires Java to be enabled)? Not many...meaning that Apple better plan on people downloading it even if Apple doesn't distribute it on Lion.
  • Reply 13 of 48
    charlituna Posts: 7,178 member
    Quote:
    Originally Posted by razorpit View Post


    Amen!



    Apple is doing good stuff now to fix the problem but these fixes are about 2 months too late. Apple owns this one. And to think I finally got my parents to buy a Mac last month...



    1. Your parents' Mac won't have Java on it unless they go and download it, same with Flash.



    2. This is NOT Apple's software. In truth they have no obligation to do any fixes to Java or anything else. Oracle is to blame for the exploit and they should have fixed it and released the patches for Mac OS and they should be the ones writing the clean up software.
  • Reply 14 of 48
    charlituna Posts: 7,178 member
    Quote:
    Originally Posted by Felix01 View Post


    How many Mac users do you suppose there are who never access a YouTube video (which requires Java to be enabled)?



    No it doesn't. I know this because I'm on YouTube all the time and I have no Java on my computer. No Flash player either and don't need it thanks to the HTML5 alt player.
  • Reply 15 of 48
    tallest skil Posts: 43,350 member
    Quote:
    Originally Posted by Felix01 View Post


    How many Mac users do you suppose there are who never access a YouTube video (which requires Java to be enabled)?



    You don't though.
  • Reply 16 of 48
    sflocal Posts: 4,152 member
    Quote:
    Originally Posted by Felix01 View Post


    How many Mac users do you suppose there are who never access a YouTube video (which requires Java to be enabled)? Not many...meaning that Apple better plan on people downloading it even if Apple doesn't distribute it on Lion.



    Are you smoking something or just dizzy from spinning stories? Java has nothing to do with watching a YouTube video. Java is not even installed on my iMac yet YouTube works just fine.
  • Reply 17 of 48
    jkichline Posts: 1,292 member
    Quote:
    Originally Posted by Felix01 View Post


    How many Mac users do you suppose there are who never access a YouTube video (which requires Java to be enabled)? Not many...meaning that Apple better plan on people downloading it even if Apple doesn't distribute it on Lion.



    I think you mean Flash there. Also, you don't need to use Flash at all if it's using HTML5 video. Flash, PDF and Java are the biggest security issues ever invented.
  • Reply 18 of 48
    swift Posts: 436 member
    I don't think it'll be long for the Mac. Remember, just a few months ago, they claimed that the Mac version would be made by Oracle? Wonder what went wrong there?



    What would we miss if Java went away?
  • Reply 19 of 48
    SpamSandwich Posts: 29,530 member
    This is all good news and all, but how about Apple fix the problem with iPad not properly backing up if there are too many photos on the roll in the iOS Photo app? This is elementary stuff, guys!
  • Reply 20 of 48
    tyler82 Posts: 689 member
    Quote:
    Originally Posted by Splash-reverse View Post


    There's your problem, there. Nobody should install Flash. Period.



    Isn't flash required to use YouTube? There goes 95% of my fun!