New OS X malware variant attacks unpatched Macs
Summary: A new malware variant sets out to punish those who haven't been keeping up to date with updates.
Patching OS X is simple, yet there are people who still put it off. A new malware variant sets out to punish those who haven't been keeping up to date with updates.
The new variant is a Trojan horse called 'Flashback.G', and it makes use of two exploits found in older versions of the Java runtime. Users with Macs running OS X 10.6 'Snow Leopard' are particularly at risk, since this version came with Java preinstalled while 10.7 'Lion' did not.
According to security firm Intego, this malware uses three tricks to try to get itself installed onto a system:
This new variant of the Flashback Trojan horse uses three methods to infect Macs. The malware first tries to install itself using one of two Java vulnerabilities. If this is successful, users will be infected with no intervention. If these vulnerabilities are not available – if the Macs have Java up to date – then it attempts a third method of installation, trying to fool users through a social engineering trick. The applet displays a self-signed certificate, claiming to be issued by Apple. Most users won’t understand what this means, and click on Continue to allow the installation to continue.
This Trojan looks for specific websites (such as Google, Yahoo!, CNN, bank websites, PayPal, and so on) and tries to grab the user names and passwords used to log onto the sites.
If you are running OS X 10.6 then it is vitally important that you check to see that you have the latest Java update installed by running Software Update from the Apple menu.
DO IT NOW!!!

Talkback
hmmm
And if it's already infected?
The most useful link I've found is http://www.powerpage.org/2012/02/23/intego-announces-discovery-of-flashback-g-trojan-variant-advises-caution/
It gives information on how to check for infection and suggestions on removal.
And yet . . . .
Equally, the Mac malware epidemic has been predicted for the last 10 years, along with how it will be so bad because Mac owners are ignorant about security . . . yet like the global flu pandemic, and the Rapture, it never actually arrives.
Thanks for this post
About two months ago I was infected with a drive-by
It's a real mess over there with dozens of people going in there every day in the same boat as I was. And I was using Windows 7. Fully patched with the latest plug-ins!
The chances of this happening on a Mac just don't even compare.
This HAS TO BE false...
So this article, the article a few days ago, and all of the articles by Ed Bott and others in the tech blogosphere simply must be wrong. It's not like Apple has a malware solution in place for its users...
/sarcasm
In all seriousness, Mac users - you guys really need to keep your system updated and practice vigilance to ensure you don't get infected. I'm not going to go into the whole Mac vs Windows pissing match but you could learn something from the Windows users who had to learn what to look out for.
And they still say that
I just wish they would be honest and make people aware of the threats that people commonly fall for today that really have no bearing on what Operating System you use. I have warned people about threats that circulate through email and Facebook that phish out or steal personal data only to have people comment that they do not need to worry about that because they have a Mac. Ah how naive they are.
I'm surprised to hear that
Oh, wait, Apple denied that even happened.
The truth about OS X and viruses...
But let's be clear, folks. If the people at the Apple store are telling you, "Apple makes their computers more secure than other brands" they are STILL telling you the truth. Apple's products ARE still more secure. That's not fanboy opinion, it's simply reality.
As well, it's true that phishing, etc. via email are threats everyone needs to worry about because they've got nothing to do with the operating system you use. They are entirely playing on vulnerabilities that are human-firmware based. (i.e. If you're dumb, they get ya).
But again, it's not dishonest to say that Apple's are safer. They are. And it's not just because Apple has a smaller share of the market than Windows, either. OS X, in addition to very good security of other kinds, is unix-based. Unix has long been the operating system of mainframes, etc. that are in great need of great security and reliability. Apple was smart enough to reap those advantages, which resulted in one of the most secure and reliable systems out there.
In 15 years of working daily on a Mac, I have never had any security issues... and where even the most modest threats have appeared in the wild, Apple has always promptly issued trouble-free security patches.
Bull to "and they still say that"
They don't need to make a sales pitch. Your wife already owned an iPhone (surprise!) so there was nothing to sell. More phony stories, eh bobiroc?
Besides, I've never heard a "sales pitch" while I was in an Apple store. The product sells itself. People tend to come into their stores with their minds already made up. There are exceptions to that, of course...
"They still say as a Mac user you never have to worry about any type of infection or viruses because Apple makes their computers more secure than other brands."
I don't believe that. Not for a second.
There's a difference between viruses and trojans
So far as I'm aware, there still aren't any actual viruses that infect OS X. All the Mac OS X malwares I've heard about have been trojans.
(There were Mac viruses in the pre-OS X days.)
RE: There's a difference between viruses and trojans
The problem is actually with the Java runtime engine, which one could argue is not part of the OS, BUT... Apple is including a flawed version of Java with the default install of the OS, so who is really to blame here? The social engineering trick is only done after attempts at a direct exploit fail.
Using your analogy - Apple is including a flawed deadbolt when they build the house. Apple may not make the deadbolt, but by including it in the design of the house they put you at risk. The bad guy can either pick the lock or try to trick you into letting him in - either way it's still a flaw.
RE: There's a difference between viruses and trojans
@stevenjklein EXACTLY
Macs in this day & age have a lot less to fear than PCs do. Something the Redmond crowd still can't get over from good old XP days. Some of them actually cheer this kind of stuff in spite of their phony, benevolent protestations otherwise.
So the same reasons Windows users get infected then?
- Unpatched Plugins/3rd Party Software
- Unsafe Browsing Habits
- Social Engineering Attacks
Schadenfreude...
It will be years before that advice (buy Macs, they are much, much more safe) stops being good and sound advice. Until then, whenever a new trojan appears for a Mac (and they appear so rarely, they always make front pages), Windows users will get their chance to rejoice...
Schadenfreude...
"A fully-patched Windows XP computer (with no additional software, such as anti-virus) is compromised within minutes of being put on the internet; meanwhile, vast majority of Macs out there do not even run any antivirus, and have been exposed to the internet for years, without compromise. And almost half of all Windows PCs out there still run Windows XP...
It will be years before that advice (buy Macs, they are much, much more safe) stops being good and sound advice. Until then, whenever a new trojan appears for a Mac (and they appear so rarely, they always make front pages), "
That's because nobody writes malware and viruses for Macs because there is not as large of a user base, hence, less chance for large profits for attackers. It is never good advice to buy a Mac because they are more safe and don't need antivirus protection. This is the same reason I run Linux. There is a smaller user base and nobody writes viruses for it. I am not naive enough to say it is safer and I don't need malware/virus protection (even though you can limit sudo, root, groups, etc...)
BTW, I rejoice every time an Apple user gets infected on their "immune" machine because they took the good advice of an "apple genius" that said, "Macs cannot catch a cold, it is impossible." LMAO
Unix, unix, unix...