Apple has always hailed Mac as a very secure system. However, this has been proved wrong in the past and now, we have yet another malicious malware that has made encroaches into Mac systems. According to Kaspersky Labs, a Flashback Trojan has silently been infecting Mac systems for some months now and as of now, about 600,000 Mac systems have been infected by it.
The worst part about this malware is that it needs absolutely no interaction from the user’s end. The user doesn’t have to give away his password or do any of the regular stupid things to fall for it. All a user has to do is visit a page from his Mac which as a current version of Java installed. This flaw has already been discovered and Oracle patched it up back in February. However, Java used on Macs didn’t get the same patch until early April. This meant that for months, there was this exploit present which was made use of by the Flashback trojan, thus infecting some 600,000 Macs so far.
The trojan was discovered recently and Kaspersky Labs have now confirmed its existence. The researchers at the company released the following statement,
“We reverse engineered the first domain generation algorithm and used the current date, 06.04.2012, to generate and register a domain name, “krymbrjasnof.com”. After domain registration, we were able to log requests from the bots. Since every request from the bot contains its unique hardware UUID, we were able to calculate the number of active bots. Our logs indicate that a total of 600 000+ unique bots connected to our server in less than 24 hours. They used a total of 620 000+ external IP addresses. More than 50% of the bots connected from the United States.”
Apple is proud of the fact that its Mac OS is fairly reliable and secure, and that is true to a great extent. However, what Apple can’t avoid is the infection of Macs through the exploits present in third-party software. And that is also what has happened in this case. Mac has been fairly safe for a long time – but with the growing popularity of the platform, it seems that the bad guys are finally beginning to discern their opportunity and have actively started targeting Mac systems. The question is, will Apple make any major changes to the platform to ramp up its security?
Image courtesy bfishadow.