F-Secure Stories April 6, 2017
F-Secure Stories April 4, 2012
ArsTechnica quotes a Russian antivirus company called “Dr. Web” that claims hundreds of thousands of Macs are infected with the Flashback Trojan detailed earlier this week. The attack takes advantage of an old Java vulnerability that Apple just patched this week.
Variations of the Flashback trojan have reportedly infected more than half a million Macs around the globe, according to Russian antivirus company Dr. Web. The company made an announcement on Wednesday—first in Russian and later in English—about the growing Mac botnet, first claiming 550,000 infected Macs. Later in the day, however, Dr. Web malware analyst Sorokin Ivan posted to Twitter that the count had gone up to 600,000, with 274 bots even checking in from Cupertino, CA, where Apple’s headquarters are located.
Dr. Web said over half of the infected computers were in the United States (including 274 in Cupertino), and 20 percent were in Canada. The malware self-installs after you visit a compromised or malicious webpage. Obviously, it would be a good idea to update any Macs in your control.
If you think one of your machines may be infected, F-Secure has instructions on how to use the Terminal to find out. If these numbers are true, chances are some 9to5Mac readers are infected. Update: A reader comments that he was infected (599,999 more to go):