600,000 ‘Virus-Proof’ Macs Infected With Flashback Trojan


After years of not being worth targeting with major malware, it's been discovered that 600,000 "virus-proof" Macs have been infected with a nasty trojan that installs itself via a Java vulnerability. Cue the PC fanboys, it's a friggin' state of emergency!

Russian antivirus vendor Doctor Web first reported that a Java vulnerability has lead to a backdoor method for a trojan to install itself on machines running OS X.

Systems get infected with BackDoor.Flashback.39 after a user is redirected to a bogus site from a compromised resource or via a traffic distribution system. JavaScript code is used to load a Java-applet containing an exploit. Doctor Web's virus analysts discovered a large number of web-sites containing the code.

The exploit saves an executable file onto the hard drive of the infected Mac machine. The file is used to download malicious payload from a remote server and to launch it.

You can see a list of some of infected sites to stay awy from on Doctor Web. It's believed that there could be four million websites that are infected that can spread the trojan.

Doctor Web's research shows that most of the 600,000 infected Macs are in the U.S. with 56.6 percent of the pie, Canada coming in second with 19.8 percent and the U.K. rounding out third with 12.8 percent. The rest of the infections are scattered across the globe.

To check if your Mac is one of the 600,000 infected, follow these steps at F-Secure. Instructions for manually removing the trojan are also detailed over there.

Apple's since issued a Java security update to patch the vulnerability. If your Mac isn't infected, hit up the Software Update and grab the patch to protect your computer.

One of the reasons Apple claims Macs don't get viruses (for the most part) is because Macs compromise of so little of the PC market that malware programmers would gain little from targeting them. With Windows on so many more PCs, it's more lucrative to infect them instead.

But now that Macs are becoming more popular, we could see a shift in tactics for malware programmers.

Doctor Web, via ArsTechnica

For the latest tech stories, follow DVICE on Twitter
at @dvice or find us on Facebook
Copyright DVICE - DVICE
Contact Us