The scariest thing about the Flashback trojan: I have no idea how to fight it
Summary: The recent reemergence of the Flashback OSX trojan has shown a lot of things, but none more clearly than this: I have no clue how to counter virus and trojan threats on the Mac.
For four years in college I worked in my school's IT department. It was nice, my job, because honed my computer skills on a variety of fronts, teaching me the ups and downs of how to identify and fix all sorts of computer problems.
Malware removal was at the forefront of these skills. Pretty much all students had computers, but painfully few of them were all that great at taking care of them. Part of the blame was with Windows, but most of it was with users themselves. That was just the reality.
But then something significant started happening: Students starting buying Macs, and in rapdily increasing numbers. We watched the numbers grow each year, as Macbooks started eating into the marketshare formerly reserved for the gamut of Dell Latitudes and Toshiba Satellites. It was mesmerizing, but also worrying.
The ambivalence stemmed from this: If you asked any college student five years ago (and, hell, any college student now) why they decided to buy an Apple computer, chances are they would respond, without fail, with the following: "Macs don't get viruses."
Most of us are aware now that that's not true. Macs have remained relatively unscathed by threats because for a very long time very few people owned them. Things are different now -- though, admittedly, not much: As of October 2011, OSX commands around 13% of the U.S. PC market, which, while not a terribly high percentage, is plausibly enough to make the OS a target.
Market share realities aside, the vision of these new Mac owners was enticing. If Windows were a country, it would be one plagued by war and disease, and these new Mac owners would be like refugees fleeing into Apple's sheltering arms. Buying a Mac was entering starry-eyed into a utopia of worry-free computer use. "Macs Don't Get Viruses" was their mantra.
Very rapidly it became clear there were some major problems with that line of thinking. One, it wasn't true, and, two, it gave a lot of people some very dangerous assumptions about the reality of safety and using a Mac.
It was obvious on the IT end as well. Regular virus and malware threats on Windows had hardened our skills against them. On Windows, we had all the anti-malware tools we needed, and a deep knowledge on how to counter any number of issues. The constant threat made us constantly prepared.
Things on the Mac front could not have been any more different. The comparative lack of viral threats on the Mac end had left us soft, exposed. It was a utopia, sure, but the barbarians were at the gates.
I remember telling friends and supervisors multiple times that if a major Mac virus or trojan were to emerge, I would be at a complete loss as to how to fight it. This is probably still true, as the emergence of the Flashback trojan has shown most clearly.
The most recent version of Flashback targets a unpatched Java vulnerability in OSX, one that Oracle fixed months ago but Apple never got around to relaying. Now, I'm still not entirely sure what Flashback does, but I was pretty completely clueless on how I could fight it. This is the bitter reality of being a Mac owner in 2012. I have very little idea of how to keep my machine safe.
And I imagine many other Mac owners feel the same way. If the half million Flashback-infected Macs are any indication, Mac owners are all going to need a crash course in computer safety. And fast.
Related:
New OS X malware variant attacks unpatched MacsKick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.
Talkback
Seriously??
The fact that he doesn't know the difference between a virus & a trojan
But for the rest of you, simply Google "Mac Flashback trojan" and you'll find all the resources you need to learn if you have it, remove if you do, and avoid it if you don't (otherwise known as Software Update).
Software update?
Err
So why the decline in malware on Windows? Simple: Windows, it isn't the insecure malware invitation it once was. Microsoft have to take a lot of the credit here - those A/V companies? Not so much.
Windows, it isn't the insecure malware invitation it once was?
I do believe that Mac's are inherently more secure but as long as one vulnerability can be found and exploited, the term "inherently" more secure means absolutely nothing. There is no excuse for and it is absolutely unjustifiable that Apple has not fixed a known vulnerability in so many months. Mac Users need to wake up and stop defending Apple and start demanding Apple provides them with a secure product like their advertising suggested.
I'm not at all suggesting that they switch to Windows where the problem of security is indeed more worrisome but if they give Apple a pass and don't hold them to a higher standard There abject denial that their is a problem developing and insistence that Its worse for MS users will be of little consolation.
Only install software from trusted sources
It's a trojan, the ONLY thing getting past the Mac's security because the user grants it passage. Viruses on the other hand, like those on windows, still don't work at all on Macs because Macs actually has a functioning security without third party software.
fight it with denial
LOL
@Linux Geek ... you just cost me a keyboard
(n.b. oh, and be sure you get that episode script to the Futurama writers before they begin the next season ... they're bound to get a feature length movie out of that one (..or at least a two-parter). :P
Use the same skills you use to fight them in Windows.
Quoting momma Bubbett, "this is not rocket science add a Mac AV keep it updated, now get out of my kitchen I am fixing dinner".
Enter the MAC user learning curve.
Sophos
http://www.sophos.com/en-us/products/free-tools/sophos-antivirus-for-mac-home-edition.aspx
Ironically, it's not free for Windows...
Well . . .
Even though the [i]technical[/i] usage of the word means something very specific, the [i]common[/i] usage of the word has essentially become "something bad got installed on my system," and marketing departments know that. So do check the fine print rather than reading too much into the product name.
Not really
http://en.wikipedia.org/wiki/Malware
Reformat, reinstall
The best way to protect yourself from Flashback?
I noticed..
Flashback is centered around Java, specifically the Java plug-in
[i]Do you need Java?[/i] If not, uninstall it. If so, keep Java updated on your system.
[i]Do you need Java for desktop applications, but not for web sites?[/i] Completely disable the Java plug-in for your web browser(s).
[i]Do you need Java for a few websites, your so-called 'trusted sites'?[/i] In your web browser(s) settings, whitelist the Java plug-in for those websites URLs. The Java plug-in will be disallowed for all other web sites, including those you might be redirected to. Depending on your web browser, you may need to download an add-on to enable URL whitelisting (e.g., NoScript for Firefox).
And running OS X as either a standard or managed user, instead of as the Administrator in the default account, won't hurt.
It won't stop Here
This is inevitable. What we need to do is fortify our systems which means anti-virus and HD encryption on the PC and Mac.
Longer term the only solution is to move to managed platforms i.e. iPad, Windows 8 on ARM.
These will provide additional security and do not run unsigned code and implement Application sand-boxing.
They are not a panacea but at least more secure by design.
No...
This is as true on Windows as it is on Mac.