Apple working on software to detect and remove Flashback trojan

13»

Comments

  • Reply 41 of 48
    enjournienjourni Posts: 254member
    It will be nice when this happens. The Kaspersky removal tool that was just released and is exploding all over the web doesn't work at all? just gives an error that the tool needs to be updated and some failed rm command.
  • Reply 42 of 48
    tyler82tyler82 Posts: 1,100member
    Quote:
    Originally Posted by PB View Post


    There is HTML5 for this; see a few posts above. All you need to do is to type in the URL field of your browser



    http://www.youtube.com/html5



    and YouTube will tell you the rest.



    Thanks, I was not aware of that! I would love to get rid of Flash. Just dumped Java last week, and so far nothing that I normally do online has been affected.
  • Reply 43 of 48
    I've never been infected by anything on any of my personal or work Macs, but I think it is time Apple developed and delivered its own free security software much like Microsoft Security Essentials.



    It could be called Apple Really Secure Essentials.
  • Reply 44 of 48
    Quote:
    Originally Posted by alienzed View Post


    Computers will never be safe when people who don't know how to use them are in control. It'd be like putting a preteen at the wheel of a truck, what do you expect is going to happen?



    You have vehicles fitted with seat-belts and airbags to protect the idiots. Shame about the victims who inadvertently get in the way. Developers of Operating Systems must protect their passengers.
  • Reply 45 of 48
    jragostajragosta Posts: 10,473member
    I wonder how good this number is.



    They're now saying that the number is 230,000 to 270,000:

    http://www.techweekeurope.co.uk/news...sh-botne-72458



    Now, one of two things has happened:



    1. Apple has somehow managed to reduce the number of bots by 60% even though they haven't released any software to fix it

    or

    2. The numbers are nothing more than guesswork and have no validity



    I think #2 is far more likely.
  • Reply 46 of 48
    gatorguygatorguy Posts: 24,177member
    Quote:
    Originally Posted by jragosta View Post


    I wonder how good this number is.



    They're now saying that the number is 230,000 to 270,000:

    http://www.techweekeurope.co.uk/news...sh-botne-72458



    Now, one of two things has happened:



    1. Apple has somehow managed to reduce the number of bots by 60% even though they haven't released any software to fix it

    or

    2. The numbers are nothing more than guesswork and have no validity



    I think #2 is far more likely.



    If you had been following along you would know that there's been several different sites, forums, bloggers and security firms who have posted methods of finding out if your machine is infected as well as how to remove it. Apparently some number of Mac users did see the news and took their advice, successfully cutting the current infection down to around a quarter million from the original 650K.





    http://www.eweek.com/c/a/Security/FS...m-Macs-830858/

    http://reviews.cnet.com/8301-13727_7...are-from-os-x/

    http://www.tuaw.com/2012/04/12/flash...ecurity-firms/

    http://www.youtube.com/watch?v=bq1sQXW4KEg
  • Reply 47 of 48
    ddarkoddarko Posts: 22member
    Quote:
    Originally Posted by jragosta View Post


    I wonder how good this number is.



    They're now saying that the number is 230,000 to 270,000:

    http://www.techweekeurope.co.uk/news...sh-botne-72458



    Now, one of two things has happened:



    1. Apple has somehow managed to reduce the number of bots by 60% even though they haven't released any software to fix it

    or

    2. The numbers are nothing more than guesswork and have no validity



    I think #2 is far more likely.



    It's not "guesswork" - it's straightforward arithmetic. Set up a false command server and count the number of bots that check in. The method used to tracking the number of declining infections is the same method used to figure out the initial infection rate. I've asked in another thread and I'll ask here - what's wrong with this method? No one yet has explained why this method is flawed. Since you can't knock down the method with actual reasons, you just resort to asserting that it has "no validity" - no explanation why it's not valid, it just isn't valid.



    Honestly, I cannot believe the cherrypicking going on here, the obstinate refusal to believe facts that you don't want to believe, reality, logic and consistency be damned. It's like every cliched stereotype of a deluded Apple fanboys come to life.



    As for what accounts for the drop in figure, there's also option 3 - that some of the reduction isn't due to trojans being removed yet but are being blocked from checking into the command servers by DNS blocks set up by providers such as Open DNS (Open DNS has announced that they are blocking access to the trojan's command servers, preventing infected computers from communicating and receiving new instructions and code). I would think that the security firms are making sure that DNS blocks aren't being applied to their fake servers so that they can continue to track this botnet accurately but given that Apple apparently misidentified a fake server as a real one and tried to take it down, you can't discount the possibility.



    For those who are curious about the details of the trojan and how it's being tracked, go to Symantec's blog post on the topic. They've set up their own command servers - just like Kaspersky and Dr. Web - and are monitoring the botnet:



    http://www.symantec.com/connect/blog...ns-down-270000



    And Symantec has released their own free Flashback detection and removal tool:



    http://www.symantec.com/security_res...041214-1825-99



    Now there are 3 removal tools from the 3 of the biggest security firms out there - Symantec, Kaspersky and F Secure. All of them are free.
  • Reply 48 of 48
    razorpitrazorpit Posts: 1,796member
    Quote:
    Originally Posted by hill60 View Post


    They are likely to be among the 99% of Mac owners who have not been infected, 99%!



    Well you're right, but it doesn't change the fact that this happened right after the fact and now I have to hear about it.
Sign In or Register to comment.