Flashback virus a wakeup call to smug Mac users
by Alan Zisman (c) 2012
published in Business in
Vancouver insert April 17-23, 2012 Issue #1173 High Tech
Office column; an expanded version appeared on LowEndMac
A big reason for Windows users to consider a move to Mac has been the
virtual non-existence of Mac malware.
ComputerWorld reported the existence of a million different computer
viruses at the end of 2008 – but that’s been almost entirely an issue
for Windows users.
Now and again, a virus or other malware that could affect Mac users was
reported, but these were easily avoided and none became widespread.
Many or most Mac users haven’t bothered with anti-virus or other
security software and have tended to assume that their chosen platform
was invulnerable – an attitude Apple has been happy to encourage.
On April 4, however, Russian security firm Dr. Web reported that some
600,000 Macs – an estimated 1% to 2% of all Macs - had been infected
over the past two months with the so-called Flashback Trojan, malware
that took advantage of a known flaw in the web application language
Java. Approximately 125,000 - 20% of the infected Macs - are in Canada,
a surprisingly large number.
Early versions of Flashback disguised themselves as browser plug-ins
such as a faux update to Adobe Flash and required users to install
them; more recent versions can install themselves when a user simply
visits a malicious or infected website, a “drive-by download” with no
permission needed. Users might not be aware they are now infected while
Flashback collects passwords and other personal information and sends
it to a remote server.
Apple released a patch for Mac versions of Java but only for Mac users
running OS X Lion and Snow Leopard versions. Installing this patch will
prevent your Mac from getting infected but won’t cure already infected
Macs. No patch is available for Macs running older versions of OS X -
users of older OS X versions should consider disabling Java entirely
using the Java preferences application in their utilities folder.
Worth doing (if you’re a Mac user) - browse to http://git.io/qWhc_Q
and download the free Flashback Checker app; if it finds your system is
infected, it provides a link to instructions to remove Flashback. If
your system has been infected, it’s probably worth changing passwords
at financial and other services that might have been compromised.
Also worthwhile – install antivirus software on your Mac and keep it up
to date. Home users may want to check out Sophos Free AntiVirus for
Mac (and Windows) users should take updates seriously; in March,
malware targeting Tibetan activists was reported that took advantage of
a flaw in the Mac version of Microsoft Office that had been patched two
and a half years earlier. Apparently enough users had failed to update
their software to make this attack worthwhile.
And Mac users – like Windows users – need to think before they click.
Last year, Macs were targeted by fake security products, the same sort
of “scareware” that has been targeting Windows users for several years.
Apple bears a share of the blame for the extent to which Flashback
spread. The Java language is owned by Oracle, which releases updates to
it for Windows and Linux. Apple, however, updates the Mac version of
Java. Oracle patched the vulnerability targeted by Flashback in
February; Apple didn’t get around to doing the same until April – and
then only for users of the most recent Mac OS X versions.
As well, Apple shares in promoting the idea that Macs are inherently
secure. The company is slow to release patches for known security
holes, releasing Java patches, for example, an average of six months
after they’ve been released for other platforms. Prior to releasing a
patch, Apple is mum on the potential for infection and fails to inform
its customers of steps they might take to protect themselves.
Macs sales have outpaced Windows PC sales for the past 23 consecutive
quarters; apparently the number of Macs has now reached the point where
it is worthwhile for malware to be created to attack them. You can
expect more – and increasingly sophisticated Mac-targeting malware.
It’s time for Mac users and Apple to take these threats more seriously.