Apple Rumors and Reports Discuss what's going on with Apple in this forum

Flashback trojan reportedly controls half a million Macs and counting


Post Reply New Thread Subscribe

 
Thread Tools
adejesus
#1 (permalink)

 
Member Since: Mar 02, 2012
Location: East Greenbush, NY
Posts: 17
adejesus is on a distinguished road
Mac Specs: 13-inch MacBook Pro,2.8GHz dual-core,Intel Core i7,4GB 1333MHz

adejesus is offline
Old 04-05-2012, 07:23 AM
Anyone read this how should I know if I should worry or not?

Flashback trojan reportedly controls half a million Macs and counting
QUOTE Thanks
neilf
#2 (permalink)

 
Member Since: Apr 12, 2008
Posts: 304
neilf is an unknown at this point

neilf is offline
Old 04-05-2012, 09:01 AM
Yep. I read that.
There was a recent update from Apple for Java.
But how would one if their machine had already been compromised?
QUOTE Thanks
AliOop
#3 (permalink)

 
AliOop's Avatar
 
Member Since: Sep 03, 2009
Location: Houston, Texas
Posts: 110
AliOop will become famous soon enough
Mac Specs: MacBook Pro.

AliOop is offline
Old 04-05-2012, 09:51 AM
Good question. What can one use to scan for something like this? Is this a good reason to install AV software? I don't have any at the moment.
QUOTE Thanks
IvanLasston
#4 (permalink)

 
IvanLasston's Avatar
 
Member Since: Feb 26, 2010
Location: Rocky Mountain High, Colorado
Posts: 2,116
IvanLasston is a splendid one to beholdIvanLasston is a splendid one to beholdIvanLasston is a splendid one to beholdIvanLasston is a splendid one to beholdIvanLasston is a splendid one to beholdIvanLasston is a splendid one to beholdIvanLasston is a splendid one to beholdIvanLasston is a splendid one to behold
Mac Specs: 1.8 GHz i7 MBA 11" OSX 10.8.2

IvanLasston is offline
Old 04-05-2012, 09:51 AM
Install the update.
The article has a link to an f-secure article that tells you how to fix it.
Threat Description: Trojan-Downloader:OSX/Flashback.I
And yes, this isn't a self replicating virus but it is pretty hairy malware.
Safe browsing practices help.
Using Opendns or dyndns internet guide can help too. They will warn of potentially bad sites.
OpenDNS Internet Security - Malware Protection and Botnet Protection
Internet Guide | Web Content Filtering | Parental Internet Control
QUOTE Thanks
ycl1688
#5 (permalink)

 
Member Since: Mar 09, 2011
Posts: 717
ycl1688 will become famous soon enough
Mac Specs: mbp 15 2009, mbp 13 2010

ycl1688 is offline
Old 04-05-2012, 10:04 AM
Run software update in system preference, if you have java installed apple has a fixed for this.
also refer
Mac Trojan | Flashback Trojan | Zero Day Mac Java flaw | Mac virus
QUOTE Thanks
Deckyon
#6 (permalink)

 
Deckyon's Avatar
 
Member Since: Apr 06, 2011
Location: Louisville, KY - USA
Posts: 1,234
Deckyon is just really niceDeckyon is just really niceDeckyon is just really niceDeckyon is just really niceDeckyon is just really nice
Mac Specs: MBP 17" 2011, 2.3GHz Intel Quad-Core i7, 8GB RAM, MacMini 2011, 2.7GHz Intel Dual-Core i7, 8GB RAM

Deckyon is offline
Old 04-05-2012, 10:24 AM
Run through the commands from the F-secure article and you will be fine. Update the system as suggested and this will be fine. I havent checked my MBP yet, but I have my MacMini and it was a breeze. Of course, it wasnt infected (I dont browse the internet on that machine) as it is only a media server. I will be checking my MBP when I get home.

Threat Description: Trojan-Downloader:OSX/Flashback.I
MBP 17" 2011, 2.3GHz Intel Quad-Core i7, 8GB RAM, AMD Radeon HD 6750M 1GB RAM
MacMini 2011, 2.7GHz Intel Dual-Core i7, 8GB RAM, AMD Radeon HD 6630M 256MB RAM
iPhone 4S 64GB, iPad Gen3 32GB WiFi, iPod Nano Gen6 8GB, Apple TV Gen2
QUOTE Thanks
dekan
#7 (permalink)

 
dekan's Avatar
 
Member Since: Mar 16, 2007
Posts: 756
dekan is a jewel in the roughdekan is a jewel in the rough

dekan is offline
Old 04-05-2012, 10:36 AM
I'm clean :-)
QUOTE Thanks
Stanley
#8 (permalink)

 
Member Since: Aug 31, 2009
Posts: 291
Stanley will become famous soon enough

Stanley is offline
Old 04-05-2012, 10:49 AM
I understand that, to be infected, you would first have to approved a phished certificate saying that it was from Apple.

So once again the user is the final guardian.

True?
QUOTE Thanks
Deckyon
#9 (permalink)

 
Deckyon's Avatar
 
Member Since: Apr 06, 2011
Location: Louisville, KY - USA
Posts: 1,234
Deckyon is just really niceDeckyon is just really niceDeckyon is just really niceDeckyon is just really niceDeckyon is just really nice
Mac Specs: MBP 17" 2011, 2.3GHz Intel Quad-Core i7, 8GB RAM, MacMini 2011, 2.7GHz Intel Dual-Core i7, 8GB RAM

Deckyon is offline
Old 04-05-2012, 10:55 AM
Quote:
Originally Posted by Stanley View Post
I understand that, to be infected, you would first have to approved a phished certificate saying that it was from Apple.

So once again the user is the final guardian.

True?
yep... laziness is what both the virus authors and virus-scanners rely on. If people paid attention to what they were doing, neither would have much luck in accomplishing their goals.
MBP 17" 2011, 2.3GHz Intel Quad-Core i7, 8GB RAM, AMD Radeon HD 6750M 1GB RAM
MacMini 2011, 2.7GHz Intel Dual-Core i7, 8GB RAM, AMD Radeon HD 6630M 256MB RAM
iPhone 4S 64GB, iPad Gen3 32GB WiFi, iPod Nano Gen6 8GB, Apple TV Gen2
QUOTE Thanks
neilf
#10 (permalink)

 
Member Since: Apr 12, 2008
Posts: 304
neilf is an unknown at this point

neilf is offline
Old 04-05-2012, 11:05 AM
Mine has checked out OK.
Thanks to all who contributed.
QUOTE Thanks
Mailtrain
#11 (permalink)

 
Member Since: Dec 25, 2011
Location: West Coast
Posts: 4
Mailtrain is on a distinguished road
Mac Specs: iMac PPC G5 OSX, macbook, ipod

Mailtrain is offline
Old 04-05-2012, 11:10 AM
'Rude awakening' for Mac users as cyber attack infects 550,000 of Apple's 'virus free' machines - with UK and U.S. worst hit
April 5, 2012
Print Version
Source: Daily Mail

A new computer trojan has infected 550,000 machines running Apple's Mac OS X - and many could still be vulnerable. The infected machines are now part of a 'botnet' of zombie machines which can be controlled by cyber criminals and 'told' to download new malicious software.

The attack has been described as a 'rude awakening' for Mac users.





The attack has afflicted machines in America and the UK worst, according to Russian security vendor Dr Web's statistics

The new attack was spotted by Russian anti-virus vendor Dr Web.

'We conducted research to determine the scale of spreading of Trojan BackDoor.Flashback that infects computers running Mac OS X,' says the Russian antivirus vendor.


'The botnet encompasses more than 550 000 infected machines, most of which are located in the United States and Canada.



Can we develop more info on this here?
QUOTE Thanks
Stanley
#12 (permalink)

 
Member Since: Aug 31, 2009
Posts: 291
Stanley will become famous soon enough

Stanley is offline
Old 04-05-2012, 11:10 AM
Quote:
Originally Posted by Deckyon View Post
yep... laziness is what both the virus authors and virus-scanners rely on. If people paid attention to what they were doing, neither would have much luck in accomplishing their goals.
So.

"Don't click on strange and questionable stuff".

Then the OP really has nothing to worry about, which was his question.
QUOTE Thanks
Stanley
#13 (permalink)

 
Member Since: Aug 31, 2009
Posts: 291
Stanley will become famous soon enough

Stanley is offline
Old 04-05-2012, 11:13 AM
See other thread.

Don't click on and authorize weird stuff and you'll be fine.

It only gets in if the user opens the door and invites it to enter.

You know, like a vampire cannot enter your house unless you specifically invite it in.

As in entering your admin password or accepting a phished security certificate.

Just say no.
QUOTE Thanks
salzerrw
#14 (permalink)

 
Member Since: Nov 01, 2011
Location: Woodland Park, CO
Posts: 15
salzerrw is on a distinguished road
Mac Specs: Model Name: iMac Model Identifier: iMac4,1 Processor Name: Intel Core Duo Processor Speed: 1.8

salzerrw is offline
Old 04-05-2012, 11:14 AM
It's a zero-day attack patch that applies to Oracle Java. It only applies to Snow Leopard and some but not all Lion . Apple has recenlyt quit bundeling Oracle Java with Lion.
QUOTE Thanks
vansmith
#15 (permalink)

 
vansmith's Avatar
 
Member Since: Oct 19, 2008
Location: Ottawa
Posts: 15,311
vansmith has a reputation beyond reputevansmith has a reputation beyond reputevansmith has a reputation beyond reputevansmith has a reputation beyond reputevansmith has a reputation beyond reputevansmith has a reputation beyond reputevansmith has a reputation beyond reputevansmith has a reputation beyond reputevansmith has a reputation beyond reputevansmith has a reputation beyond reputevansmith has a reputation beyond repute
Mac Specs: 2012 13" MBP (2.5 i5, 8GB)

vansmith is online now
Old 04-05-2012, 11:14 AM
Merged threads - let's just keep all these Flashback discussions together.
Important Links: Community Guidelines : Use the reputation system if you've been helped.
M-F Blog :: Write for the blog :: M-F IRC Channel - Chats every Sunday at 8PM EST.
QUOTE Thanks

Post Reply New Thread Subscribe


« Apple CEO Tim Cook spotted at video game designer Valve's headquarters | Reuters: Justice Department ready to sue Apple over ebook price fixing (Updated) »
Thread Tools

Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
 
Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off
Forum Jump

All times are GMT -4. The time now is 08:55 PM.

Powered by vBulletin
Copyright ©2000 - 2013, Jelsoft Enterprises Ltd.

Learn more about advertising opportunities across the iNET Interactive Network.

LiquidWeb
X

Welcome to Mac-Forums.com

Create your username to jump into the discussion!

New members like you have made this community the ultimate source for your Mac since 2003!


(4 digit year)

Already a member?