How to defend against Flashback malware, which hit 600K Macs

A Trojan called Flashback is on the loose. The target: Apple Mac laptops and desktops. Good thing Apple released two defensive patches.

The Flashback Trojan has struck more than 600,000 Mac computers worldwide, according to a new report. Here, an analyst looks at code in the malware lab of a cyber security defense lab at the Idaho National Laboratory.

Apple users are accustomed to thinking of their Macs as malware-resistant, if not completely virus-proof.

Which is what makes the news of the Flashback Trojan so frightening: Here's a piece of malware which has infected a reported 600,000 Mac machines around the globe, creating in the process a sprawling botnet army that stretches across at least a dozen countries, including the US, Canada, Japan, and Australia

According to the Russian tech site Dr. Web, which has extensively studied the Flashback Trojan, approximately 56 percent of the affected machines are in the US. Computers become infected "after a user is redirected to a bogus site from a compromised resource or via a traffic distribution system," the team at Dr. Web wrote yesterday. "JavaScript code is used to load a Java-applet containing an exploit."

So can Flashback Trojan be stopped? Well, as the tech site F-Secure notes (hat tip to ZDNet for the link), machines can be disinfected, although the process is "risky" and recommended "only for advanced users." Meanwhile, Apple has released two patches, which should help prevent the Flashback attack: one is here, and the other is over here

Bottom line here, folks: Macs are not – nor have they ever been – infallible. 

"Tech types knew [the purported invulnerability of Macs] was a fallacy, but consumers ate it up enough to make Macs a growing sliver of the PC market," Andrew Nusca of ZD Net writes today. "OS X remains a minority around the globe, but its growth in popularity begets growth in attacks. It was only a matter of time."

For more tech news, follow us on Twitter @venturenaut. And don’t forget to sign up for the weekly BizTech newsletter.

of stories this month > Get unlimited stories
You've read  of  free articles. Subscribe to continue.

Unlimited digital access $11/month.

Get unlimited Monitor journalism.