Free Republic
Half a million Mac computers 'infected with malware'
BBC | April 2012, last updated at 08:54 ET

Posted on 04/05/2012 8:45:23 AM PDT by null and void

An investigation by Dr Web suggests that about 600,000 Macs have the malware - potentially allowing them to be hijacked and used as a "botnet".

It says that more than half that number are in the US.

Flashback was first detected last September when anti-virus researchers flagged software masquerading itself as a Flash Player update. Once downloaded it deactivated some of the computer's security software.

Remote control

"By introducing the code criminals are potentially able to control the machine," the firm's chief executive Boris Sharov told the BBC.

"We stress the word potential as we have never seen any malicious activity since we hijacked the botnet to take it out of criminals' hands. However, we know people create viruses to get money.

"The largest amounts of bots - based on the IP addresses we identified - are in the US, Canada, UK and Australia, so it appears to have targeted English-speaking people."

Dr Web also notes that 274 of the infected computers it detected appeared to be located in Cupertino, California - home to Apple's headquarters.

Update wait

Apple released its own "security update" on Wednesday - more than eight weeks later. It can be triggered by clicking on the software update icon in the computer's system preferences panel.

The security firm F-Secure has also posted detailed instructions about how to confirm if a machine is infected and how to remove the Trojan.

Although Apple's system software limits the actions its computers can take without requesting their users' permission, some security analysts suggest this latest incident highlights the fact that the machines are not invulnerable.

"People used to say that Apple computers, unlike Windows PCs, can't ever be infected - but it's a myth," said Timur Tsoriev, an analyst at Kaspersky Lab.

Apple could not provide a statement at this time.

(Excerpt) Read more at bbc.co.uk ...


KEYWORDS: apple; bots; flashback; hacking; internet; mac; malware; microsoft; osx; tech; virus; windows
I suspect my own iMac was infected.
1 posted on 04/05/2012 8:45:25 AM PDT by null and void
[ Post Reply | Private Reply | View Replies]

To: null and void

Better warm up the popcorn popper. This ought to be interesting.


2 posted on 04/05/2012 8:50:54 AM PDT by Windflier (To anger a conservative, tell him a lie. To anger a liberal, tell him the truth.)
[ Post Reply | Private Reply | To 1 | View Replies]

To: null and void

Now I seem to recall at least a half dozen people telling me that Macs are superior to PCs in part because Macs don’t get viruses. Then I would tell them that it only appears so because most computers are PCs and hence most, but not all, malware is targeted at PCs.


3 posted on 04/05/2012 8:53:32 AM PDT by BJ1
[ Post Reply | Private Reply | To 1 | View Replies]

To: null and void

Downloading security update now.


4 posted on 04/05/2012 8:58:24 AM PDT by Ole Okie
[ Post Reply | Private Reply | To 1 | View Replies]

To: null and void

How can you tell? I am a MAC user and keep my software updates checked daily..what was your experience?


5 posted on 04/05/2012 9:05:40 AM PDT by celtic gal
[ Post Reply | Private Reply | To 1 | View Replies]

To: BJ1

Hi, Nully!


6 posted on 04/05/2012 9:06:17 AM PDT by celtic gal
[ Post Reply | Private Reply | To 3 | View Replies]

To: BJ1

MACS were safer because Windows dominated and relatively few miscreants in Pakistan or the Ukraine wasted their time writing malware for them.

Recent technological developments have changed this.


7 posted on 04/05/2012 9:10:56 AM PDT by Buckeye McFrog
[ Post Reply | Private Reply | To 3 | View Replies]

To: celtic gal; All
On reddit someone posted the instructions to remove it. How to tell if you're infected
8 posted on 04/05/2012 9:11:05 AM PDT by GOYAKLA (Recall/ Impeachment Day, November 6, 2012. FUBO)
[ Post Reply | Private Reply | To 6 | View Replies]

To: celtic gal

Hi CG, long time no see.

No overt symptoms, did recently download Flash player updates, and machine hasn’t quite felt right lately.

Just installed the latest Apple updates, seems a bit better...


9 posted on 04/05/2012 9:13:32 AM PDT by null and void (Day 1171 of America's ObamaVacation from reality [Heroes aren't made, Frank, they're cornered...])
[ Post Reply | Private Reply | To 6 | View Replies]

To: GOYAKLA

bump - thanks.


10 posted on 04/05/2012 9:25:43 AM PDT by Liberty Valance (Keep a simple manner for a happy life :o)
[ Post Reply | Private Reply | To 8 | View Replies]

To: null and void

How is that possible? MACs aren’t like Windows machines in that if you’re not careful, you’re logging in under the admin account.

Last time I messed with a MAC, I seem to remember that you get a pop up asking you to put in the admin password if you’re doing any task that requires rights. Now if you got the dialog box and entered the admin password during normal operations, you blew it. No amount of security in the world will help any user who blindly inputs their admin pw.


11 posted on 04/05/2012 9:26:35 AM PDT by Lx (Do you like it, do you like it. Scott? I call it Mr. and Mrs. Tennerman chili.)
[ Post Reply | Private Reply | To 1 | View Replies]

To: Windflier; moehoward; Swordmaker; for-q-clinton

Interesting article!


12 posted on 04/05/2012 9:27:16 AM PDT by cartan
[ Post Reply | Private Reply | To 2 | View Replies]

To: Windflier
But..but...but...Mac's are so secure...no hacker could ever hack/infect/take over a Mac....that one happens to Microsoft products...

Laughing my tookis off at the fools.....

13 posted on 04/05/2012 9:27:42 AM PDT by rightwingextremist1776
[ Post Reply | Private Reply | To 2 | View Replies]

To: Lx

Yeah people get that popup and provide their password without bothering to find out what they’re allowing. The biggest security hole is always the people, that’s why trojans are the most successful form of malware, the hole a virus uses will eventually get patched, there is no patch for the click happy human hole.


14 posted on 04/05/2012 9:29:31 AM PDT by discostu (I did it 35 minutes ago)
[ Post Reply | Private Reply | To 11 | View Replies]

To: Buckeye McFrog
Ahh yes...the old security through obscurity...

Looks like it finally caught up to the Macs...as I knew it would.

15 posted on 04/05/2012 9:29:40 AM PDT by rightwingextremist1776
[ Post Reply | Private Reply | To 7 | View Replies]

To: Lx
MACs aren’t like Windows machines in that if you’re not careful, you’re logging in under the admin account.
How does that work? I have absolutely never accidentally logged in as admin under Windows.
16 posted on 04/05/2012 9:33:55 AM PDT by cartan
[ Post Reply | Private Reply | To 11 | View Replies]

To: Lx

Yep. Even the best of us will occasionally get stupid.


17 posted on 04/05/2012 9:36:21 AM PDT by null and void (Day 1171 of America's ObamaVacation from reality [Heroes aren't made, Frank, they're cornered...])
[ Post Reply | Private Reply | To 11 | View Replies]

To: GOYAKLA

After I ran :

defaults read ~/.MacOSX/environment DYLD_INSERT_LIBRARIES

I got:

/Users/Shared/.libgmalloc.dylib

That normal ?


18 posted on 04/05/2012 9:38:13 AM PDT by Para-Ord.45
[ Post Reply | Private Reply | To 8 | View Replies]
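
Added example (not part of the thread and not F-Secure's own procedure): a shell wrapper around the check quoted in post 18 that interprets its result. `defaults read` exits non-zero when the key or plist does not exist; the function names and the "hidden file or user-writable directory" heuristic are assumptions made for this illustration.

```shell
#!/bin/sh
# Added example. Interprets the result of:
#   defaults read ~/.MacOSX/environment DYLD_INSERT_LIBRARIES
# A value here means a library is injected into every application the user
# launches, which is what the thread's check is looking for.

# classify_dyld_check STATUS OUTPUT   (hypothetical helper)
#   STATUS: exit status of the defaults command
#   OUTPUT: what it printed on stdout
# Prints "clean", "suspicious:<entry>" or "review:<entry>".
classify_dyld_check() {
    status=$1
    value=$2
    # Non-zero status: key or plist absent, nothing is being injected.
    if [ "$status" -ne 0 ] || [ -z "$value" ]; then
        echo "clean"
        return 0
    fi
    verdict=""
    rest=$value
    # DYLD_INSERT_LIBRARIES is a colon-separated list; judge each entry.
    while [ -n "$rest" ]; do
        entry=${rest%%:*}
        case "$rest" in
            *:*) rest=${rest#*:} ;;
            *)   rest="" ;;
        esac
        [ -n "$entry" ] || continue
        name=${entry##*/}
        # Assumed heuristic: a hidden file name, or a library living in a
        # user-writable location, is not where system libraries are kept.
        # (Apple's real Guard Malloc library is /usr/lib/libgmalloc.dylib.)
        case "$name" in
            .*) verdict="suspicious:$entry"; break ;;
        esac
        case "$entry" in
            /Users/*|/tmp/*|/private/tmp/*) verdict="suspicious:$entry"; break ;;
        esac
        # Any other injected library is unusual in a login environment.
        [ -n "$verdict" ] || verdict="review:$entry"
    done
    echo "$verdict"
}

# Run the real check when the macOS `defaults` tool is available.
check_login_environment() {
    if ! command -v defaults >/dev/null 2>&1; then
        echo "skipped: 'defaults' not found (not macOS)"
        return 0
    fi
    out=$(defaults read "$HOME/.MacOSX/environment" DYLD_INSERT_LIBRARIES 2>/dev/null)
    classify_dyld_check "$?" "$out"
}

check_login_environment
```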

To: discostu
As the article explained, the malware installed itself even if you didn’t supply the admin password. It would install itself under the user account then.
19 posted on 04/05/2012 9:38:29 AM PDT by cartan
[ Post Reply | Private Reply | To 14 | View Replies]

To: cartan

On some level they still probably agreed to something. Most of the malware in the PC world comes with browser toolbars.


20 posted on 04/05/2012 9:41:20 AM PDT by discostu (I did it 35 minutes ago)
[ Post Reply | Private Reply | To 19 | View Replies]

To: Para-Ord.45; All

If the error doesn’t return you should follow the instructions here:

http://www.f-secure.com/v-descs/trojan-downloader_osx_flashback_i.shtml


21 posted on 04/05/2012 9:41:47 AM PDT by GOYAKLA (Recall/ Impeachment Day, November 6, 2012. FUBO)
[ Post Reply | Private Reply | To 18 | View Replies]

To: GOYAKLA

If the error doesn’t return you should follow the instructions here:

http://www.f-secure.com/v-descs/trojan-downloader_osx_flashback_i.shtml

According to your link:

Installation

On execution, the malware checks if the following path exists in the system:

  • /Library/Little Snitch
  • /Developer/Applications/Xcode.app/Contents/MacOS/Xcode
  • /Applications/VirusBarrier X6.app
  • /Applications/iAntiVirus/iAntiVirus.app
  • /Applications/avast!.app
  • /Applications/ClamXav.app
  • /Applications/HTTPScoop.app
  • /Applications/Packet Peeper.app

If any of these are found, the malware will skip the rest of its routine and proceed to delete itself.

So, it would appear the malware regards the letter X in Xcode the way the devil regards crossed forearms? That's good to know, LOL!

22 posted on 04/05/2012 10:01:19 AM PDT by cynwoody
[ Post Reply | Private Reply | To 21 | View Replies]

To: BJ1

They still are. Once again, you have to allow this to download and install on your computer. If I see something pop up I never let it install and will go directly to the site to see if there are updates.


23 posted on 04/05/2012 10:05:27 AM PDT by chris_bdba
[ Post Reply | Private Reply | To 3 | View Replies]

To: null and void; Swordmaker

Not Possible! Swordmaker and the macbots have told me that only windows gets stuff like this.

Whereas I have always asserted once Macs become more popular (which they now have) they will have more attacks.

I wonder who was right?


24 posted on 04/05/2012 10:13:13 AM PDT by for-q-clinton (If at first you don't succeed keep on sucking until you do succeed)
[ Post Reply | Private Reply | To 1 | View Replies]

To: discostu

From the Article:

“Later versions of the malware exploited weaknesses in the Java programming language to allow the code to be installed from bogus sites without the user’s permission. “


25 posted on 04/05/2012 10:16:10 AM PDT by for-q-clinton (If at first you don't succeed keep on sucking until you do succeed)
[ Post Reply | Private Reply | To 14 | View Replies]

To: Windflier; Swordmaker

From the article:

“Java’s developer, Oracle, issued a fix to the vulnerability on 14 February, but this did not work on Macintoshes as Apple manages Java updates to its computers.

Apple released its own “security update” on Wednesday - more than eight weeks later. It can be triggered by clicking on the software update icon in the computer’s system preferences panel.”

So if Apple allowed java to be updated by Oracle then this wouldn’t have been as widespread of an issue. Very interesting.

I wonder why Apple took so long to patch this vulnerability? Maybe they should stick to making hardware and leave the software to the pros.


26 posted on 04/05/2012 10:18:55 AM PDT by for-q-clinton (If at first you don't succeed keep on sucking until you do succeed)
[ Post Reply | Private Reply | To 2 | View Replies]

To: cartan; ShadowAce

Thanks for the ping.

Shadow Ace...this is definitely worthy of the tech ping.


27 posted on 04/05/2012 10:20:55 AM PDT by for-q-clinton (If at first you don't succeed keep on sucking until you do succeed)
[ Post Reply | Private Reply | To 12 | View Replies]

To: rdb3; Calvinist_Dark_Lord; Salo; JosephW; Only1choice____Freedom; amigatec; stylin_geek; ...

Number of Macs infected came from an AV company--take that for what it's worth.

28 posted on 04/05/2012 10:24:24 AM PDT by ShadowAce (Linux -- The Ultimate Windows Service Pack)
[ Post Reply | Private Reply | To 1 | View Replies]

To: rightwingextremist1776

Um. You’re “laughing your tookis off” because Windows has lost market share? OK.

Please, keep using your Windows machine. That way, I’ll have the competitive advantage.


29 posted on 04/05/2012 10:26:18 AM PDT by Theo (May Rome decrease and Christ increase.)
[ Post Reply | Private Reply | To 13 | View Replies]

To: ShadowAce

A *RUSSIAN* AV company.


30 posted on 04/05/2012 10:27:47 AM PDT by Theo (May Rome decrease and Christ increase.)
[ Post Reply | Private Reply | To 28 | View Replies]

To: null and void

You Mac owners lied!

31 posted on 04/05/2012 10:28:18 AM PDT by McGruff (Umm...I'm thinking.)
[ Post Reply | Private Reply | To 1 | View Replies]

To: Para-Ord.45

It sounds like you got it.


32 posted on 04/05/2012 10:30:24 AM PDT by Tribune7 (GAS WAS $1.85 per gallon on the day Obama was Inaugurated! - - freeper Gaffer)
[ Post Reply | Private Reply | To 18 | View Replies]

To: Tribune7

After following the instructions, ‘ libgmalloc.dylib ‘ is now gone.

No unusual activity on any C.C., no account hijackings, no PW changes,etc.


33 posted on 04/05/2012 10:33:07 AM PDT by Para-Ord.45
[ Post Reply | Private Reply | To 32 | View Replies]

To: Buckeye McFrog

While this is part of the reason, you are ignoring a fundamental difference in the approach to security and design. Windows uses a completely different and frankly weaker security model/design, especially in older versions of their OS than UNIX (which OSX is based upon).

Any computer can be hacked, but when you have a security model that is more flawed on computer a than computer b, computer A is going to get hacked more.

No computer is hack proof; if it’s on the internet it’s at risk, period.


34 posted on 04/05/2012 10:41:49 AM PDT by HamiltonJay
[ Post Reply | Private Reply | To 7 | View Replies]

To: for-q-clinton

Apple controlling the updates is part of their overall security, and part of why they tend to have less issues. The model has its pluses and minuses.

The plus: only updates they send are going to get pushed to computers, meaning someone can’t hijack or spoof, say, an update looking like it’s an Oracle update from Oracle and compromise your box... the update must come from Apple. The downside is, as you pointed out, updates can take longer to be distributed because Apple must review and push them.

Security is a balance between usability and safety. The safer you want your computer to be, the less usable it’s going to be in practical application.

Opening up updates to be done from anywhere, does open Windows up to a more likely possibility of a phone update being pushed and infecting computers than a centralized distribution policy such as Apple has. However it also means updates don’t happen as quickly because the developers can’t push them directly.

I’ve had flame wars against Apple since the days of the Apple II, my Commodore 8 bits ran rings around them in every measurable way back in the day, and honestly I’ve traditionally not been a huge fan of theirs...though I can see why some folks enjoy them. From a user experience side, they have traditionally been miles ahead of MS. As a tech geek, they frustrate the heck out of me. However as a tech geek I’m really not their target market, their target market is people who are not technically savvy, and don’t want to be but want to use technology elegantly and simply... and on that front, Apple has done a superb job, and does to this day.

Yes, that comes with price tags I don’t care for, ungodly overpriced hardware, a development language that is ridiculously and needlessly obtuse, and UI weaknesses that they need to concede they are wrong about.. i.e. only the bottom right corner can be used to resize a window... It’s time to accept and update that one guys and let users drag any part of a window to resize it.

Apple’s focus these days is on USER EXPERIENCE, and give them credit where it is due, they own it. But like their security push model, it too comes with a price, want to publish for iPhone etc better meet their guidelines and pass their review before it will get out to the world. No such restrictions on other platforms, but this oversight while annoying from a pure hacker perspective, does lead to a ubiquitous experience to the user, regardless of who develops the app etc. All you have to do is go look at Android Apps and you’ll instantly see what I am talking about. Thousands upon thousands of crappy apps, they may do their jobs, but the user experience and interfaces are kludgy and inconsistent.

However getting back to security, Apple’s model for security is a generally safer design than Windows, especially on older versions of the OS. Is it perfect? Nope, no such thing exists.


35 posted on 04/05/2012 10:54:25 AM PDT by HamiltonJay
[ Post Reply | Private Reply | To 26 | View Replies]

To: Theo

Not at all...I couldn’t care less....to me they are just tools. What I’m laughing at are all the Mac people trying to convince everyone else about how secure their systems are....when the security professionals know that NOT to be the case...now the chickens are coming home....to roost. LOL..... How secure do you feel NOW? If you were a smart Mac owner, you would start taking the steps to become a smart Mac user. (you in the general sense, not you in particular).


36 posted on 04/05/2012 11:16:12 AM PDT by rightwingextremist1776
[ Post Reply | Private Reply | To 29 | View Replies]

To: rightwingextremist1776
But..but...but...Mac's are so secure...no hacker could ever hack/infect/take over a Mac....that one happens to Microsoft products...

Munch munch...

37 posted on 04/05/2012 11:40:58 AM PDT by Windflier (To anger a conservative, tell him a lie. To anger a liberal, tell him the truth.)
[ Post Reply | Private Reply | To 13 | View Replies]

To: Para-Ord.45
Do you use Safari?

Do you work in a standard account or admin account?

38 posted on 04/05/2012 12:39:44 PM PDT by Tribune7 (GAS WAS $1.85 per gallon on the day Obama was Inaugurated! - - freeper Gaffer)
[ Post Reply | Private Reply | To 33 | View Replies]

To: HamiltonJay
Windows uses a completely different and frankly weaker security model/design, especially in older versions of their OS than UNIX (which OSX is based upon).
These older versions you speak of were the Windows 3.1 / 9x / ME line. They do not exist anymore, and for over ten years now. They had no security at all, kind of like Mac OS 9… When we say “Windows” today, what we mean is the OS that derives from Windows NT, a completely different beast. There is nothing in its security model or design that makes it any less secure than Unix. If anything, it is more secure.
39 posted on 04/05/2012 12:45:49 PM PDT by cartan
[ Post Reply | Private Reply | To 34 | View Replies]

To: cartan

Not especially. More of the same old.


40 posted on 04/05/2012 12:49:47 PM PDT by moehoward
[ Post Reply | Private Reply | To 12 | View Replies]

To: for-q-clinton
"From the article:“Java’s developer, Oracle,......"

From a better article....

"OS X does not come with Java installed by default, and the latest versions of Java should be patched properly so anyone with new or properly updated systems should be safe from these threats........."

To summarize, the malware has overall adopted two modes of infection. The first is where it requires administrative privileges......The second .... is done to the user's account... does not require admin privileges to complete;however, it does ultimately result in a more obvious infection that will destabilize the system and lead to crashes."

Bottom line.....

....again.

41 posted on 04/05/2012 1:07:01 PM PDT by moehoward
[ Post Reply | Private Reply | To 26 | View Replies]

To: null and void
Half a million Mac computers 'infected with malware'

Don't be silly.

That's a PC plebeian problem!

*huff*

42 posted on 04/05/2012 2:59:56 PM PDT by Publius6961 (A)
[ Post Reply | Private Reply | To 1 | View Replies]

To: null and void
This should really be a non-issue. Apple makes it so easy and painless to keep your system updated. I have my Macbook set to check for updates daily (it defaults to weekly in system preferences). You can even have the updates install automatically if you so desire.

So there is no excuse for any responsible Apple user to have this "virus" still on their system.

43 posted on 04/05/2012 3:41:53 PM PDT by SamAdams76 (I am 35 days away from outliving Phil Hartman)
[ Post Reply | Private Reply | To 1 | View Replies]

To: HamiltonJay

Why is it people want to keep comparing Apple’s latest and greatest to products Microsoft made 15 years ago? I guess it’s the only way they can compete.


44 posted on 04/05/2012 3:53:55 PM PDT by for-q-clinton (If at first you don't succeed keep on sucking until you do succeed)
[ Post Reply | Private Reply | To 35 | View Replies]

To: SamAdams76

The update came out yesterday, I installed it this morning...


45 posted on 04/05/2012 3:55:53 PM PDT by null and void (Day 1171 of America's ObamaVacation from reality [Heroes aren't made, Frank, they're cornered...])
[ Post Reply | Private Reply | To 43 | View Replies]

To: SamAdams76

I think you missed the part of the article that said Apple took over 8 weeks to release the patch to fix this issue. Whereas Oracle had it out in February...Apple not until April.

I don’t care what kind of auto-updates you have set...if the patch isn’t available it can’t be fixed.


46 posted on 04/05/2012 3:59:07 PM PDT by for-q-clinton (If at first you don't succeed keep on sucking until you do succeed)
[ Post Reply | Private Reply | To 43 | View Replies]

To: null and void

Evidently for a Mac to be secure you need to run windows 7 on it and use that to browse the Internet.

Clearly OSX can’t handle it—they took 8 weeks to release an update for a known exploit that was already fixed by Oracle.


47 posted on 04/05/2012 4:00:29 PM PDT by for-q-clinton (If at first you don't succeed keep on sucking until you do succeed)
[ Post Reply | Private Reply | To 45 | View Replies]

To: null and void

bfl


48 posted on 04/05/2012 4:15:54 PM PDT by BikerTrash
[ Post Reply | Private Reply | To 1 | View Replies]

To: GOYAKLA

Thanks. Clean.


49 posted on 04/05/2012 4:33:18 PM PDT by PA Engineer (Time to beat the swords of government tyranny into the plowshares of freedom.)
[ Post Reply | Private Reply | To 8 | View Replies]

To: Tribune7

Admin. Use Safari and Opera


50 posted on 04/05/2012 4:44:46 PM PDT by Para-Ord.45
[ Post Reply | Private Reply | To 38 | View Replies]

