Flashback Stories June 25, 2012

Apple softens its language on Virus susceptibility in wake of Flashback trojan

After Apple released a patch to a Java vulnerability that lead to the infection of roughly 600,000 Macs with the Flashback Trojan earlier this year, there were claims weeks later from security researchers that hundreds of thousands of Macs were still infected. Kaspersky’s CEO claimed Apple is “now entering the same world as Microsoft has been in for more than 10 years.” Now, as noted by PCWorld, Apple appears to be publicly changing its longstanding stance that “it doesn’t get PC viruses.” The statement on Apple’s “Why you’ll love a Mac” website now reads: “It’s built to be safe” (as you can see in the comparison screenshots above).

Another statement on the website switched from “Safeguard your data. By doing nothing” to “It’s built to be safe.” Following the Flashback incident, Kaspersky claimed in April that Apple is “ten years behind Microsoft in terms of security,” and he “expects to see more and more” malware on Macs.

Cyber criminals have now recognised that Mac is an interesting area. Now we have more, it’s not just Flashback or Flashfake. Welcome to Microsoft’s world, Mac. It’s full of malware….Apple is now entering the same world as Microsoft has been in for more than 10 years: updates, security patches and so on,” he added. “We now expect to see more and more because cyber criminals learn from success and this was the first successful one…. They will understand very soon that they have the same problems Microsoft had ten or 12 years ago”

Flashback Stories May 14, 2012

Apple releases update to Leopard, includes Flashback removal tool

While Apple has released updates for both Lion and Snow Leopard to remove the Flashback malware that is making the rounds, the company had not released a fix for Leopard until today. Apple released a Flashback Removal Security Update for Leopard this afternoon that weighs 1.23MB. Along with removing the Flashback malware, it also disables the Java plug-in in Safari. Apple described the update:

This update removes the most common variants of the Flashback malware. If the Flashback malware is found, a dialog will notify you that malware was removed. In some cases, the update may need to restart your computer in order to completely remove the Flashback malware…To improve the security of your Mac, this update also disables the Java plug-in in Safari.

Apple also released Security Update 2012-003 for Leopard that “disables versions of Adobe Flash Player that do not include the latest security updates and provides the option to get the current version from Adobe’s website.” A similar update was issued for Lion and Snow Leopard in Safari 5.1.7, which released with OS X 10.7.4 late last week—hit up Software Update.

This is the first major update Apple has released for Leopard since Lion debuted last July. Unlike Adobe, it looks like Apple is devoted to keep its old products up-to-date—even if the update is a few weeks behind. For those of you unaware, Adobe recently told users to upgrade from CS5 to CS6 to avoid a security flaw in older versions of software, instead of just patching it. However, Adobe quickly backed down after receiving a ton of backlash from the community and promised an update in the coming weeks. Still sketchy.

More on the Flashback malware

Flashback Stories April 27, 2012

Oracle finally releases first Java Developement Kits for Mac OS X

When Apple confirmed in 2010 that it would no longer support Java for OS X, it also announced shortly after an agreement with Oracle to include OS X support in future versions of its OpenJDK Project to provide Java SE 7 implementation on Macs. Over a year later, Oracle has now released Java SE 7 Update 4 and JavaFX 2.1 with the first JDK to land with OS X support (via MacRumors):

This release marks Oracle’s first delivery of both the Java Development Kit (JDK) and JavaFX Software Development Kit (SDK) for Mac OS X. 

– Java developers can now download Oracle’s JDK, which includes the JavaFX SDK, for Mac OS X from the Oracle Technology Network (OTN). 

– Oracle plans to release a consumer version of Java SE 7, including the Java Runtime Environment (JRE) for Mac OS X later in 2012.

Following the original announcement in 2010, Apple’s late CEO Steve Jobs explained that his company’s practice of shipping a version of Java behind Oracle as possibly “not be the best way to do it.” Of course, Apple has patched several vulnerabilities in Java in recent weeks that have lead to an outbreak of malware on Macs. That vulnerability was patched by Oracle in February, months before OS X users received it.

Flashback Stories April 26, 2012

Kaspersky: Apple is 10 years behind Microsoft on security

The last time security researchers at Kaspersky checked the state of Macs infected with the Flashback malware outbreak, it estimated roughly 140,000 were still infected. At the recent Info Security Europe 2012 conference, CBR quoted CEO and co-founder Eugene Kaspersky as claiming Apple is 10 years behind Microsoft when it comes to security:

“I think they are ten years behind Microsoft in terms of security,” Kaspersky told CBR. “For many years I’ve been saying that from a security point of view there is no big difference between Mac and Windows. It’s always been possible to develop Mac malware, but this one was a bit different. For example it was asking questions about being installed on the system and, using vulnerabilities, it was able to get to the user mode without any alarms…. 

Cyber criminals have now recognised that Mac is an interesting area. Now we have more, it’s not just Flashback or Flashfake. Welcome to Microsoft’s world, Mac. It’s full of malware….Apple is now entering the same world as Microsoft has been in for more than 10 years: updates, security patches and so on,” he added. “We now expect to see more and more because cyber criminals learn from success and this was the first successful one…. They will understand very soon that they have the same problems Microsoft had ten or 12 years ago”

Flashback Stories April 19, 2012

As of yesterday, security company Symantec released a statement claiming there were still 140,000 Macs infected from the recent Flashback malware outbreak that originally infected an estimated 600,000 Mac users. That was despite Apple issuing a Java security update to remove the malware. Today, security researchers from Kaspersky said during a press conference (via Ars Technica) that it estimated infections dropped to 30,000, while still warning more “mass-malware” on OS X is on the way:

“Market share brings attacker motivation… Expect more drive-by downloads, more Mac OS X mass-malware. Expect cross-platform exploit kits with Mac-specific exploits.”

Kaspersky also clarified that much of the Flashback infections were spread through trusted WordPress websites that have been hijacked rather than through malicious downloaded files as many assume. Ars explained: expand full story

Flashback Stories April 10, 2012

Over the past few weeks, security experts have warned Mac users of a new virus making its rounds called the “Flashback” trojan. Flashback is allegedly on over 600,000 Macs, which is roughly 1-percent of the 45 million out there. Flashback exploits a pair of vulnerabilities in older versions of Java. Apple may have patched it, but it is still out there and running on many machines.

How do you know if you are infected? F-Secure has a few Terminal commands to check your machine. For the many who are not adept at keeping their Java updates fresh, terminal commands are going to be even more foreign. Luckily, ArsTechnica points us to a free Flashback checker available on github. The app runs the same checks as you would in Terminal, but automates it for you.

We ran the test ourselves and were clean, but one of our readers found that he had the virus last week. It is definitely worth checking out. If your Mac does have Flashback, F-secure offers a great guide on how to remove it.

expand full story

Powered by WordPress.com VIP