Flashback and your Mac

Chances are you know someone with a Windows PC, and chances are you have heard them grumble about the latest piece of virus or spyware that has infected their machine. In the past, Macs were relatively free from these worries but over the last year or so there have been reports about malware targeting Macs. Now, there were a reported half a million Macs already infected by a piece of malware known as Flashback.

If you haven’t heard the news about Flashback yet, it’s a malware program that has been designed with the sole purpose of adding your computer to the ranks of its botnet—a network of computers under control of the creator of the trojan, that can be used for whatever nefarious purposes the malware creator deems fit. The real worrisome part is you could be infected and not even know it! The software doesn’t ask you for your password; it installs itself without any intervention from you. This type of “drive-by download” is most commonly found on the shadier corners of the Internet—the websites with 24/7 cams, free iPods because you are the 1,000,000th visitor, and especially sites that offer pirated softare.

Many are asking how this could happen due to the strong security inherent in Mac OS X. The answer is that, while Mac OS X itself is secure, the programs that run upon it may not be as stringent in their security measures. Runtime environments such as Java and Adobe Flash leave the user open to vulnerabilities, because each runtime environment functions as its own OS in a way; they allow code to be executed and it is this ability that is being exploited by Flashback. Flashback used a known vulnerability in Java to install itself on a user’s computer without any end-user interaction being required.

All is not lost, though, as Apple and a number of anti-virus vendors have already released tools that you can use to both check for and remove the malware.

If you desire even greater protection you should disable Java within your browser to prevent future attacks that may use similar exploits to infect your computer. MacPerformanceGuide has an excellent guide explaining how to disable Java in your browser as well as a selection of articles on how to setup your Apple computer for maximum security.

If you absolutely need Java, then be sure to run software update and apply the new patch from Apple that closes the vulnerability in Java that allowed Flashback to run in the first place. However, this is only available to Mac OS X 10.6.x and 10.7.x users; patches are not available for earlier versions.


LEAVE A COMMENT