If you somehow still believed that Apple computers are immune to malware, it’s time to get real. A security researcher is reporting that more than half a million Macs have been infected with a Trojan known as Backdoor.Flashback.
According to Doctor Web, a Russian seller of anti-virus software, the Trojan works along lines that are very familiar from the PC sector. A dodgy link takes the browser to an infected website that uses Javascript to get the infection onto the computer. At least four million webpages currently house the virus, and it appears many are using the .nu domain that is officially for sites based on the small Pacific island of Niue, but actually often used by foreign firms for its linguistic appeal.
The Flashback name comes from the way the Trojan was originally housed within a bogus update for Adobe Flash, before the creators switched to the infected website strategy.
Once installed the software hooks up with a control server and awaits further instructions. The control server is able to send out and run executable files on the infected machines. Doctor Web has intercepted these communications and found 550,000 separate machines have been compromised in this way, with 76 percent located in the US or Canada (see image above).
The Trojan takes advantage of several vulnerabilities in the Java feature on the latest editions of OS X, most notably a breach that means the sandbox protection on Java is compromised, allowing code to be run without the user’s express permission. Apple is urging users to update their system to Java version 1.6.0_31 via the software update option in the system preferences panel. There’s been some controversy as Java creator Oracle came up with a fix back in February, but it’s only just been made available by Apple to Mac users.
The good news is that so far it doesn’t appear the creators have been able to capitalize on the network of infected machines yet.
The incident should serve as a reminder that although Macs have a better security record, this is a combination of a smaller target audience and less user control to be exploited, rather than Apple computers being magically immune. That brings into question some Apple adverts that, while not specifically claiming Macs can’t be hit by viruses, has been perhaps over-dismissive of the potential risks.