A recent report released by Dr. Web, an antivirus firm based out of Russia, states that 600,000 Macs are infected with what is being called the Flashback Trojan. This may come as a big shock for many Mac users since the computers are known for their resilience to viruses and other forms of malware.
This “new” trojan isn’t so new. The trojan has been hitting computers since February, exploiting a programming flaw in Java-applet. An update was released by Java for Windows users as soon as the exploit was found, preventing many computers from becoming infected with the trojan, but since Apple regulates and dictates all updates on Mac machines, the release was delayed until Apple could create its own fix.
Apple released two update patches, one titled Java for OS X 2012-001 followed by Java for OS X 2012-002. The reason for a second patch is unknown, perhaps an error in coding in the first patch rendered it unsuccessful for OS X Lion, the only version of OS X that the new patch works with.
Initial reports of the trojan had it hitting roughly 550,000 OS X machines. That number went up when a Dr. Web analyst tweeted an update that indicates the number is now somewhere around 600,000, with over half of the infected machines found in the United States. This was followed by a confirmation by the Russian-based Internet security firm Kaspersky’s findings that tracked the botnet being created by the Flashback Trojan.
Kaspersky found that the trojan is not affecting users’ experience on their Macs; instead, the trojan is being used to commit point-and-click fraud. This is where a series of computers forming a botnet work together to generate ad revenue by clicking and closing out ads. This is all done in the background without users even knowing what is going on.
If you are worried that your Mac may be infected, there is a tool online that can help you determine whether or not your machine has the Flashback Trojan. There are a number of websites offering coding advice to enter into the Mac command terminal. For those of you who don’t want to do that, there is also this MalwareChecker that has been circulating on the Apple forums created by an Apple user.
This is the biggest known attack on Macs to date and shows that the once-thought-to-be-virus- and malware-proof machines may not be all they are cracked up to be. One reason why many believe that Macs were less prone to infection is because they make up a smaller market share of personal computers, so many hackers didn’t bother to write script for a program that, while harder to attack, clearly has some vulnerabilities. As Macs continue to grow in the consumer market, they will become a growing target for hackers to code malicious software for.