Go Back   MacRumors Forums > News and Article Discussion > MacRumors.com News Discussion

Reply
 
Thread Tools Search this Thread Display Modes
Old Apr 18, 2012, 09:36 AM   #1
MacRumors
macrumors bot
 
Join Date: Apr 2001
Flashback Malware Still Affecting over 100,000 Macs




While Apple has pushed out several software updates to detect the Flashback malware and remove it from infected systems, Symantec noted late yesterday that over 100,000 machines remain afflicted by the issue as detected by their sinkhole operation to redirect server traffic.




Symantec pegged the number at approximately 142,000 as of Monday, listing a rough estimate of "over 99,000" as yesterday's data was still coming in. Those numbers are down from a peak of over 600,000 machines two weeks ago, but a substantial number of machines are still infected by the malware.
Quote:
The statistics from our sinkhole are showing declining numbers on a daily basis. However, we had originally believed that we would have seen a greater decline in infections at this point in time, but this has proven not to be the case. Currently, it appears that the number of infected computers has tapered off, but remains around the 140,000 mark.

As there have been tools released by Symantec and other vendors in the past few days concerning this threat, the infection numbers should have seen a dramatic decrease by now.
Symantec also takes a look at the domain name generator that allows infected machines to connect to their command-and-control servers to receive instructions. The generator uses a list of 14-character strings rotated each day, coupling each string with one of five top-level domains (.com, .net, .info, .in, or .kz) to find its instructions.

The report also claims that Flashback-infected systems can receive updated command-and-control server locations through Twitter, although no details on that process are provided. A similar claim was made for earlier versions of Flashback, although there has apparently been no demonstration of the Twitter delivery method actually being used.

Article Link: Flashback Malware Still Affecting over 100,000 Macs
MacRumors is offline   0 Reply With Quote
Old Apr 18, 2012, 09:41 AM   #2
definitive
macrumors 65816
 
Join Date: Aug 2008
New Malware out already?

http://arstechnica.com/apple/news/20...-mac-users.ars
definitive is offline   2 Reply With Quote
Old Apr 18, 2012, 09:41 AM   #3
basesloaded190
macrumors 68030
 
basesloaded190's Avatar
 
Join Date: Oct 2007
Location: Wisconsin
Send a message via AIM to basesloaded190
And those 100,000 people are probably the most at risk as they aren't aware if they are giving the wrong people their info or downloading the wrong things.
__________________
2011 MacBook Pro 15 HR Anti-Glare, Etymotic ER-4p, iPhone 4 32GB
Twitter
basesloaded190 is offline   2 Reply With Quote
Old Apr 18, 2012, 09:41 AM   #4
iBug2
macrumors 68040
 
Join Date: Jun 2005
Well, unless people install the remover app and run it, obviously they won't get rid of it. And there will always be many computer users clueless about these kinds of stuff.
__________________
MP Hex D700 32GB-1TB, rMBP 2.7 15" 16GB, ATD, iPhone 4S, iPad Air
iBug2 is offline   1 Reply With Quote
Old Apr 18, 2012, 09:42 AM   #5
Santabean2000
macrumors 65816
 
Santabean2000's Avatar
 
Join Date: Nov 2007
Seems like a lot, but I guess not as a percentage. Still, new threats, I fear, will soon become the norm.

It was good while it lasted.


I hope I'm wrong.
Santabean2000 is offline   6 Reply With Quote
Old Apr 18, 2012, 09:44 AM   #6
caligomez
macrumors regular
 
Join Date: Feb 2011
Location: San Juan, PR
Do we really need antivirus software for Macs? I mean, assuming the growth of the platform, and that more and more malicious programs will be written.. I consider myself pretty smart in avoiding infection, but it only takes one savy developer to trick you with some method you didn't anticipate..

I don't have any type of security software.. Should I? If so, which is the best for Mac?
__________________
15" Macbook Pro (2011), iPad mini, iPhone 5
caligomez is offline   5 Reply With Quote
Old Apr 18, 2012, 09:46 AM   #7
tibi08
macrumors 6502a
 
tibi08's Avatar
 
Join Date: Sep 2007
Location: Brighton, UK
Quote:
Originally Posted by Santabean2000 View Post
Seems like a lot, but I guess not as a percentage. Still, new threats, I fear, will soon become the norm.

It was good while it lasted.


I hope I'm wrong.
Too early to make that call quite yet.
tibi08 is offline   1 Reply With Quote
Old Apr 18, 2012, 09:46 AM   #8
dBeats
macrumors 6502
 
Join Date: Jun 2011
Quote:
Originally Posted by caligomez View Post
Do we really need antivirus software for Macs? I mean, assuming the growth of the platform, and that more and more malicious programs will be written.. I consider myself pretty smart in avoiding infection, but it only takes one savy developer to trick you with some method you didn't anticipate..

I don't have any type of security software.. Should I? If so, which is the best for Mac?

This is free and from the Mac App Store.


http://itunes.apple.com/us/app/clamx...30207028?mt=12
dBeats is offline   2 Reply With Quote
Old Apr 18, 2012, 09:51 AM   #9
Gemütlichkeit
macrumors 65816
 
Gemütlichkeit's Avatar
 
Join Date: Nov 2010
Must be those people who are scared to death of any updates and wait 4 years before finally committing.
__________________
"It does me no injury for my neighbor to say there are twenty gods, or no God." -Thomas Jefferson
Gemütlichkeit is offline   3 Reply With Quote
Old Apr 18, 2012, 09:52 AM   #10
Macman45
macrumors G5
 
Macman45's Avatar
 
Join Date: Jul 2011
Location: Somewhere Back In The Long Ago
Quote:
Originally Posted by Santabean2000 View Post
Seems like a lot, but I guess not as a percentage. Still, new threats, I fear, will soon become the norm.

It was good while it lasted.


I hope I'm wrong.
It will and Ive been expecting this for a while now. We have had it really easy compared to Windows users, and now with Apple's market share increasing, Macs becoming far more mainstream we are bound to become targets for the Malware brigade.

Taking sensible precautions and being careful about where you download stuff is still the best way to ensure a clean system. The figure of infected Mac's is really quite low compared to the total out there now.
__________________
Thats Not All Folks
Macman45 is offline   1 Reply With Quote
Old Apr 18, 2012, 09:52 AM   #11
caligomez
macrumors regular
 
Join Date: Feb 2011
Location: San Juan, PR
Quote:
Originally Posted by dBeats View Post
This is free and from the Mac App Store.


http://itunes.apple.com/us/app/clamx...30207028?mt=12

Thanks!!
__________________
15" Macbook Pro (2011), iPad mini, iPhone 5
caligomez is offline   1 Reply With Quote
Old Apr 18, 2012, 09:53 AM   #12
CMelton
macrumors regular
 
Join Date: Dec 2008
Location: London, UK
Quote:
Originally Posted by Gemütlichkeit View Post
Must be those people who are scared to death of any updates and wait 4 years before finally committing.
Ex-Windows Users?
CMelton is offline   -8 Reply With Quote
Old Apr 18, 2012, 09:53 AM   #13
mac0x
macrumors newbie
 
Join Date: Apr 2012
Quote:
Originally Posted by caligomez View Post
Do we really need antivirus software for Macs? I mean, assuming the growth of the platform, and that more and more malicious programs will be written.. I consider myself pretty smart in avoiding infection, but it only takes one savy developer to trick you with some method you didn't anticipate..

I don't have any type of security software.. Should I? If so, which is the best for Mac?
You don't need security software, not now or in the future.

But think about a handy firewall, just like 'little snitch'.

The so called Trojan could never contact any server with little snitch installed.
little snitch alerts you beforehand, you simply say 'no'. And that's it !

Don't panic!



MacWorld Quote:
“Little Snitch 2 marks such a dramatic improvement in user interface and functionality that I can unreservedly recommend the affordable upgrade, or an initial purchase.”
Mark H. Anbinder, May 2008
Mac Gems: Little Snitch 2.0.3


All you need to know:
  • Shareware platforms are one of the big sources for malware and so called mac trojans.
  • Never install a flash update unless it is from www.adobe.com.
  • Deactivate Java completely, you will never need it. And if you really are one in a million, who needs it, get familiar with the threats that come along with it.

Last edited by mac0x; Apr 18, 2012 at 10:03 AM.
mac0x is offline   -5 Reply With Quote
Old Apr 18, 2012, 09:56 AM   #14
chrono1081
macrumors 604
 
chrono1081's Avatar
 
Join Date: Jan 2008
Location: Isla Nublar
I don't understand the concern everyone has. One trojan that infected 1% of Macs (thats right, 1%) and is easily fixed with an update compared to over a million known malware variants on Windows systems is nothing.
__________________
Mac Pro (2010): 3.33Ghz Intel Xeon (6 core) - 24 GB RAM - NVidia Quadro k5000
Macbook Air (2010): 2.13 Ghz Intel Core 2 Duo - 4GB RAM
chrono1081 is offline   7 Reply With Quote
Old Apr 18, 2012, 10:01 AM   #15
FloatingBones
macrumors 65816
 
FloatingBones's Avatar
 
Join Date: Jul 2006
Apple is only providing fixes for OS X 10.7 and 10.6. Aren't there still significant numbers running Leopard or earlier?

Have media reports about Flashback explained how users were sent to infected websites in the first place? I presume it's been through URLs in junk e-mail, but I haven't heard any confirmation of that.
FloatingBones is offline   1 Reply With Quote
Old Apr 18, 2012, 10:02 AM   #16
bsolar
macrumors 6502a
 
Join Date: Jun 2011
Quote:
Originally Posted by caligomez View Post
Do we really need antivirus software for Macs? I mean, assuming the growth of the platform, and that more and more malicious programs will be written.. I consider myself pretty smart in avoiding infection, but it only takes one savy developer to trick you with some method you didn't anticipate..

I don't have any type of security software.. Should I? If so, which is the best for Mac?
In my opinion if you take some basic precautions antiviruses are not worth the hassle. If you don't install random stuff from insecure sources and disable automatic plugin execution in the browser (click-to-play is pretty nice), you are already pretty safe.

Note that antiviruses have their drawbacks. They tend to hit performance pretty hard and can cause major issues when a false positive hits some legitimate file. Also you need to keep them updated on a daily basis, and even when fully updated there is no guarantee they have 100% coverage.
bsolar is offline   0 Reply With Quote
Old Apr 18, 2012, 10:13 AM   #17
bushido
macrumors 603
 
bushido's Avatar
 
Join Date: Mar 2008
Location: España y Germany
how are people getting this, it must be a needle in a haystack
__________________
¡No hables a menos que puedas mejorar el silencio!
Don't judge me by my user name - I was young and stupid xD
bushido is offline   1 Reply With Quote
Old Apr 18, 2012, 10:13 AM   #18
finkmacunix
macrumors regular
 
Join Date: Feb 2011
Quote:
Originally Posted by mac0x View Post
[*]Deactivate Java completely, you will never need it. And if you really are one in a million, who needs it, get familiar with the threats that come along with it.[/LIST]

Like the millions who play Minecraft?
finkmacunix is offline   4 Reply With Quote
Old Apr 18, 2012, 10:16 AM   #19
baryon
macrumors 68030
 
baryon's Avatar
 
Join Date: Oct 2009
As I installed today's Flash update, I thought to myself: how am I supposed to know if this is really Flash, or if this is actually a trojan?

So you guys tell me: how?
__________________
Sent from my iPod Shuffle
baryon is offline   3 Reply With Quote
Old Apr 18, 2012, 10:18 AM   #20
hkenneth
macrumors regular
 
Join Date: Jul 2011
Quote:
Originally Posted by mac0x View Post
You don't need security software, not now or in the future.

But think about a handy firewall, just like 'little snitch'.

The so called Trojan could never contact any server with little snitch installed.
little snitch alerts you beforehand, you simply say 'no'. And that's it !

Don't panic!



MacWorld Quote:
“Little Snitch 2 marks such a dramatic improvement in user interface and functionality that I can unreservedly recommend the affordable upgrade, or an initial purchase.”
Mark H. Anbinder, May 2008
Mac Gems: Little Snitch 2.0.3


All you need to know:
  • Shareware platforms are one of the big sources for malware and so called mac trojans.
  • Never install a flash update unless it is from www.adobe.com.
  • Deactivate Java completely, you will never need it. And if you really are one in a million, who needs it, get familiar with the threats that come along with it.
The internal firewall in Mac OS X is robust enough I think. You do need to learn how to configure it though. http://www.ibiblio.org/macsupport/ipfw/

----------

Quote:
Originally Posted by baryon View Post
As I installed today's Flash update, I thought to myself: how am I supposed to know if this is really Flash, or if this is actually a trojan?

So you guys tell me: how?
If you wanna update Flash, download it directly from Adobe, not any third-party website.
hkenneth is offline   3 Reply With Quote
Old Apr 18, 2012, 10:19 AM   #21
bwillwall
macrumors 6502a
 
Join Date: Dec 2009
The 100,000 most retarded mac users on a chart. lmao
bwillwall is offline   -7 Reply With Quote
Old Apr 18, 2012, 10:19 AM   #22
tatonka
macrumors 6502
 
Join Date: Aug 2009
Quote:
Originally Posted by mac0x View Post
You don't need security software, not now or in the future.

But think about a handy firewall, just like 'little snitch'.

The so called Trojan could never contact any server with little snitch installed.
little snitch alerts you beforehand, you simply say 'no'. And that's it !

Don't panic!
The problem with this kind of software is often that it gives you a false sense of security where there really is none. These personal firewalls are easily tricked by hijacking legitimate web traffic or even disabling them entirely. On an infected computer nothing is save and nothing is certain.
That said .. having something like personal firewalls will still increase your security, just don't used it as an excuse to stop be aware and cautions in other places.

T.
tatonka is offline   1 Reply With Quote
Old Apr 18, 2012, 10:22 AM   #23
314631
Banned
 
Join Date: May 2009
Location: iDeaded myself
I call BS on all the Flashback misinformation. I have not seen this malware on any of my 3 Macs. None. Never.

I refuse to believe this is a real problem. It all sounds like Windows fanboi fud to me.
314631 is offline   -7 Reply With Quote
Old Apr 18, 2012, 10:24 AM   #24
cua360
macrumors newbie
 
Join Date: Apr 2012
Location: West Coast
Earlier OS Versions & Flashback

I know 3 people who have 10.4 / 10.5 running. How should they check/reid themselves of this trojan? i have yet to see advice on this.
cua360 is offline   1 Reply With Quote
Old Apr 18, 2012, 10:25 AM   #25
mytdave
macrumors 6502
 
Join Date: Oct 2002
malware

1. Macs are still the safest platform on the planet. 100k infections compared to millions of infected Windows systems is nothing, and this particular trojan is easily avoided. As usual, computer n00bs were/are the weak link.

2. Always run anti-virus software, but choose a product that's not going to kill system performance or constantly run in the background and do all kinds of unnecessary stuff. Even if your Mac won't be infected, you can store and pass along files laden with Windows viruses to friends and colleagues. Help keep them safe. I use ClamXav myself.

3. Keep your system updated. 'Nuf said.

4. MacOS has a built-in firewall. Use it. Will it keep everything out? No. Will it help? Yes.

5. Download/install apps/plugins/etc. only from reputable sources. When you update Flash, get it only from Adobe.com. For duh!

6. Pay attention to industry news. When malware such as this surfaces, someone usually detects it reasonably quick, and avoidance/repair measures are usually produced in short order.

7. Each new version of MacOS X becomes more secure. Keep up to date.

8. Yes, Apple could do a better job addressing malware.
mytdave is offline   3 Reply With Quote

Reply
MacRumors Forums > News and Article Discussion > MacRumors.com News Discussion

Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes

Similar Threads
thread Thread Starter Forum Replies Last Post
Probable Flashback malware problem jbarnes OS X 2 Apr 2, 2014 05:38 AM
Yahoo Malware infects 300,000 per hour luckydcxx Apple, Industry and Internet Discussion 4 Jan 7, 2014 07:27 PM
Malware that remote controls Macs? Mafamaticks OS X 10.8 Mountain Lion 1 Aug 15, 2013 12:41 PM
T-Mobile USA Now Supporting 1.9 Million iPhones, Adding 100,000 Per Month MacRumors MacRumors.com News Discussion 40 Jan 12, 2013 07:28 PM
$100,000 bounty for anti-Islam filmmaker FrankieTDouglas Politics, Religion, Social Issues 66 Sep 26, 2012 10:54 AM

Forum Jump

All times are GMT -5. The time now is 04:42 AM.

Mac Rumors | Mac | iPhone | iPhone Game Reviews | iPhone Apps

Mobile Version | Fixed | Fluid | Fluid HD
Copyright 2002-2013, MacRumors.com, LLC