New To Mac-Forums?

Welcome to our community! Join the discussion today by registering your FREE account. If you have any problems with the registration process, please contact us!

Get your questions answered by community gurus Advice and insight from world-class Apple enthusiasts Exclusive access to members-only contests, giveaways and deals

Join today!

 
Start a Discussion
 

Mac-Forums Brief

Subscribe to Mac-Forums Brief to receive special offers from Mac-Forums partners and sponsors

Join the conversation RSS
Apple Rumors and Reports Discuss what's going on with Apple in this forum

Flashback trojan reportedly controls half a million Macs and counting


Post Reply New Thread Subscribe

 
Thread Tools
adejesus

 
Member Since: Mar 02, 2012
Location: East Greenbush, NY
Posts: 17
adejesus is on a distinguished road
Mac Specs: 13-inch MacBook Pro,2.8GHz dual-core,Intel Core i7,4GB 1333MHz

adejesus is offline
Anyone read this how should I know if I should worry or not?

Flashback trojan reportedly controls half a million Macs and counting
QUOTE Thanks
neilf

 
Member Since: Apr 12, 2008
Posts: 361
neilf is an unknown at this point

neilf is offline
Yep. I read that.
There was a recent update from Apple for Java.
But how would one if their machine had already been compromised?
QUOTE Thanks
AliOop

 
AliOop's Avatar
 
Member Since: Sep 03, 2009
Location: Houston, Texas
Posts: 126
AliOop will become famous soon enough
Mac Specs: MacBook Pro.

AliOop is offline
Good question. What can one use to scan for something like this? Is this a good reason to install AV software? I don't have any at the moment.
QUOTE Thanks
IvanLasston

 
IvanLasston's Avatar
 
Member Since: Feb 26, 2010
Location: Rocky Mountain High, Colorado
Posts: 2,116
IvanLasston is a splendid one to beholdIvanLasston is a splendid one to beholdIvanLasston is a splendid one to beholdIvanLasston is a splendid one to beholdIvanLasston is a splendid one to beholdIvanLasston is a splendid one to beholdIvanLasston is a splendid one to beholdIvanLasston is a splendid one to behold
Mac Specs: 1.8 GHz i7 MBA 11" OSX 10.8.2

IvanLasston is offline
Install the update.
The article has a link to an f-secure article that tells you how to fix it.
Threat Description: Trojan-Downloader:OSX/Flashback.I
And yes, this isn't a self replicating virus but it is pretty hairy malware.
Safe browsing practices help.
Using Opendns or dyndns internet guide can help too. They will warn of potentially bad sites.
OpenDNS Internet Security - Malware Protection and Botnet Protection
Internet Guide | Web Content Filtering | Parental Internet Control
QUOTE Thanks
ycl1688

 
Member Since: Mar 09, 2011
Posts: 736
ycl1688 will become famous soon enough
Mac Specs: mbp 15 2009, mbp 13 2010

ycl1688 is offline
Run software update in system preference, if you have java installed apple has a fixed for this.
also refer
Mac Trojan | Flashback Trojan | Zero Day Mac Java flaw | Mac virus
QUOTE Thanks
Deckyon

 
Deckyon's Avatar
 
Member Since: Apr 06, 2011
Location: Louisville, KY - USA
Posts: 1,288
Deckyon is just really niceDeckyon is just really niceDeckyon is just really niceDeckyon is just really niceDeckyon is just really nice
Mac Specs: MBP 17" 2011, 2.3GHz Intel Quad-Core i7, 8GB RAM, MacMini 2011, 2.7GHz Intel Dual-Core i7, 8GB RAM

Deckyon is offline
Run through the commands from the F-secure article and you will be fine. Update the system as suggested and this will be fine. I havent checked my MBP yet, but I have my MacMini and it was a breeze. Of course, it wasnt infected (I dont browse the internet on that machine) as it is only a media server. I will be checking my MBP when I get home.

Threat Description: Trojan-Downloader:OSX/Flashback.I

MBP 17" 2011, 2.3GHz Intel Quad-Core i7, 8GB RAM, AMD Radeon HD 6750M 1GB RAM
MacMini 2011, 2.7GHz Intel Dual-Core i7, 8GB RAM, AMD Radeon HD 6630M 256MB RAM
iPhone 5S 64GB, iPad Gen3 32GB WiFi, iPod Nano Gen6 8GB, Apple TV 3 & 2
QUOTE Thanks
dekan

 
dekan's Avatar
 
Member Since: Mar 16, 2007
Posts: 756
dekan is a jewel in the roughdekan is a jewel in the rough

dekan is offline
I'm clean :-)

QUOTE Thanks
Stanley

 
Member Since: Aug 31, 2009
Posts: 299
Stanley will become famous soon enough

Stanley is offline
I understand that, to be infected, you would first have to approved a phished certificate saying that it was from Apple.

So once again the user is the final guardian.

True?
QUOTE Thanks
Deckyon

 
Deckyon's Avatar
 
Member Since: Apr 06, 2011
Location: Louisville, KY - USA
Posts: 1,288
Deckyon is just really niceDeckyon is just really niceDeckyon is just really niceDeckyon is just really niceDeckyon is just really nice
Mac Specs: MBP 17" 2011, 2.3GHz Intel Quad-Core i7, 8GB RAM, MacMini 2011, 2.7GHz Intel Dual-Core i7, 8GB RAM

Deckyon is offline
Quote:
Originally Posted by Stanley View Post
I understand that, to be infected, you would first have to approved a phished certificate saying that it was from Apple.

So once again the user is the final guardian.

True?
yep... laziness is what both the virus authors and virus-scanners rely on. If people paid attention to what they were doing, neither would have much luck in accomplishing their goals.

MBP 17" 2011, 2.3GHz Intel Quad-Core i7, 8GB RAM, AMD Radeon HD 6750M 1GB RAM
MacMini 2011, 2.7GHz Intel Dual-Core i7, 8GB RAM, AMD Radeon HD 6630M 256MB RAM
iPhone 5S 64GB, iPad Gen3 32GB WiFi, iPod Nano Gen6 8GB, Apple TV 3 & 2
QUOTE Thanks
neilf

 
Member Since: Apr 12, 2008
Posts: 361
neilf is an unknown at this point

neilf is offline
Mine has checked out OK.
Thanks to all who contributed.
QUOTE Thanks
Mailtrain

 
Member Since: Dec 25, 2011
Location: West Coast
Posts: 4
Mailtrain is on a distinguished road
Mac Specs: iMac PPC G5 OSX, macbook, ipod

Mailtrain is offline
'Rude awakening' for Mac users as cyber attack infects 550,000 of Apple's 'virus free' machines - with UK and U.S. worst hit
April 5, 2012
Print Version
Source: Daily Mail

A new computer trojan has infected 550,000 machines running Apple's Mac OS X - and many could still be vulnerable. The infected machines are now part of a 'botnet' of zombie machines which can be controlled by cyber criminals and 'told' to download new malicious software.

The attack has been described as a 'rude awakening' for Mac users.





The attack has afflicted machines in America and the UK worst, according to Russian security vendor Dr Web's statistics

The new attack was spotted by Russian anti-virus vendor Dr Web.

'We conducted research to determine the scale of spreading of Trojan BackDoor.Flashback that infects computers running Mac OS X,' says the Russian antivirus vendor.


'The botnet encompasses more than 550 000 infected machines, most of which are located in the United States and Canada.



Can we develop more info on this here?
QUOTE Thanks
Stanley

 
Member Since: Aug 31, 2009
Posts: 299
Stanley will become famous soon enough

Stanley is offline
Quote:
Originally Posted by Deckyon View Post
yep... laziness is what both the virus authors and virus-scanners rely on. If people paid attention to what they were doing, neither would have much luck in accomplishing their goals.
So.

"Don't click on strange and questionable stuff".

Then the OP really has nothing to worry about, which was his question.
QUOTE Thanks
Stanley

 
Member Since: Aug 31, 2009
Posts: 299
Stanley will become famous soon enough

Stanley is offline
See other thread.

Don't click on and authorize weird stuff and you'll be fine.

It only gets in if the user opens the door and invites it to enter.

You know, like a vampire cannot enter your house unless you specifically invite it in.

As in entering your admin password or accepting a phished security certificate.

Just say no.
QUOTE Thanks
salzerrw

 
Member Since: Nov 01, 2011
Location: Woodland Park, CO
Posts: 17
salzerrw is on a distinguished road
Mac Specs: Model Name: iMac Model Identifier: iMac4,1 Processor Name: Intel Core Duo Processor Speed: 1.8

salzerrw is offline
It's a zero-day attack patch that applies to Oracle Java. It only applies to Snow Leopard and some but not all Lion . Apple has recenlyt quit bundeling Oracle Java with Lion.
QUOTE Thanks
vansmith

 
vansmith's Avatar
 
Member Since: Oct 19, 2008
Location: Ottawa
Posts: 17,141
vansmith has a reputation beyond reputevansmith has a reputation beyond reputevansmith has a reputation beyond reputevansmith has a reputation beyond reputevansmith has a reputation beyond reputevansmith has a reputation beyond reputevansmith has a reputation beyond reputevansmith has a reputation beyond reputevansmith has a reputation beyond reputevansmith has a reputation beyond reputevansmith has a reputation beyond repute
Mac Specs: 2012 13" MBP (2.5 i5, 8GB)

vansmith is offline
Merged threads - let's just keep all these Flashback discussions together.

Important Links: Community Guidelines : Use the reputation system if you've been helped.
M-F Blog :: Write for the blog
Mac-Forums Investigates MacKeeper - Confused about MacKeeper? Take a look at this review.
QUOTE Thanks

Post Reply New Thread Subscribe


« Apple CEO Tim Cook spotted at video game designer Valve's headquarters | Reuters: Justice Department ready to sue Apple over ebook price fixing (Updated) »
Thread Tools

Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
 
Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off
Forum Jump

All times are GMT -4. The time now is 07:42 PM.

Powered by vBulletin
Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
X

Welcome to Mac-Forums.com

Create your username to jump into the discussion!

New members like you have made this community the ultimate source for your Mac since 2003!


(4 digit year)

Already a member?