The first major botnet controversy is bringing Apple deep trouble. The tech giant is doing everything to stop the Flashback infection, but the malware continues to haunt Mac users. A security firm named Intego has discovered a new variant of Flashback dubbed Flashback.S. Now Apple has to deal with more than one malware and the Flashback Trojan is anything but dead.
The new variant drops two files on the targeted system taking advantage of Java vulnerability. Afterwards, it deletes all files and sub-folders from Java's cache folder. Clearing the cache, Flashback.S goes undetected. According to a recent report by Kaspersky, the botnet is spreading though blogosphere. The malware spreads typically when one opens infected WordPress blogs.
Russian security firm Dr. Web was the first company to discover Flashback Trojan. On April 4, the company predicted that over 600,000 Mac systems are infected by Flashback Trojan. Subsequently, Apple released a security patch against Flashback. Also Apple tried to shut down one of Dr. Web's servers, suggesting that the firm is involved directly or indirectly in the development of the malware.
Last week, it was believed that malware infection has cooled down and the number of infected PCs has lowered to 140,000, as reported by Symantec. But the April 20 post on Dr. Web claims that more than 560,000 systems are still infected with this malware. Dr. Web claim that the botnet has controlled more than 817,000 systems. At an average, 550,000 systems contact the command and control servers during 24-hour time period.
Even though Apple has released a security patch for Mac OS X, the new variant easily skips its detection by working in a little different way. It does all the tricks by deleting Java cache.
Mac OS X has always been considered as a clean system when it comes to security threats. But the recent reports have turned the tides against Apple's favor. The one reason to the problem is that all users are not installing the patch. Also, the patch is only available for system running Mac OS X 10.6 or higher.
To stay away from Flashback, it is recommended to take precaution and the only precaution, at the moment, is disabling Java.
Has your Mac been infected by the Flashback Trojan? Let us know what you've done to protect your Mac.
(reported by Johnny Wills, edited by Dave Clark)
© Copyright 2024 Mobile & Apps, All rights reserved. Do not reproduce without permission.