What Mac Users Need to Know About the Flashback Trojan

April 8th, 2012

Rich Mogull, in Macworld:

As Mikko Hypponen, Chief Researcher at F-Secure pointed out via Twitter, if there are roughly 45 million Macs out there, Flashback would now have infected more than 1 percent of them, making Flashback roughly as common for Mac as Conficker was for Windows. Flashback appears to be the most widespread Mac malware we’ve seen since the days when viruses were spread on infected floppy disks; it could be the single most significant malware infection to ever hit the Mac community.

Here’s what you need to know about Flashback, what you can do about it, and what it means for the future of Mac security.

About half of PFRE readers are Mac users and Mac users need to pay attention to this issue  and read this article even though we collectively tend to completely ignor viruses and trojans because we are used to thinking OSX is imune to viruses.

Share this

2 Responses to “What Mac Users Need to Know About the Flashback Trojan”

  • Larry ; what would we do without you! News to me :

    if any help for others like me on OS 10.6: to summarise some of the above sites’ advice: the problem involves an unprotected version of Java allowing malware to eventually monitor and refer usernames and passwords typed in to Safari to control centres: go to the Finder and Applications then Choose Utilities and select Terminal : a small window with lines of code: simply type: java -version

    if you see java 1.6.0_29 in response it means you do not have the latest version of Java installed : go to the main Apple icon and check for updates and ensure that Java for Mac OSX 10.6 update 7 is selected.
    You’ll need to restart your computer : then access the terminal as above and type in java-version again : this time it should read : java 1.6.0_31 which is the updated version.

    NB not having the latest version of Java does not mean you have the virus but it could have left your machine susceptible. The site links above suggest disabling Java in Safari (via preferences: NB disable Java not javascript).

    I’ve just installed the update and am considering changing my passwords.

    Thanks again Larry as ever for keeping us Mac Users informed!

  • I’m horrible I know, but I’m having an evil little grin knowing that Mac users are finally learning their ‘perfect OS’ is just as vulnerable as Windows, it just hasn’t been targeted yet!

    Leo over at TWIT, a huge Mac user, has been saying this for years. In fact, in last Sunday’s This Week In Tech episode, they were musing that Mac users might be more vulnerable, since so many don’t use Anti-virus, as they’ve never had to be defensive.

    Ok, I’ll stop now… 🙂

Trackback URI Comments RSS

Leave a Reply