Only 4 and a half hours til I get out of work and can go home and check my machine. What a bummer having to worry about these things. I don't get why people have to be jerks and create these problems for people. I haven't installed anything suspicious but I am under the impression that my machine can get a Trojan just by going to certain web pages and not even installing anything? I apologize in advance if I am not understanding correctly how a Trojan can get into my machine.
 
Stop press! World headlines! One trojan found for the Mac!

And in the Windows world? The fact that it is such big news, that there are so very few of them (and ones you have to install yourself at that) shows the big difference between the OSs in terms of trojans. As for viruses, forget it.

In any case - Java? Just switch the damn thing off.

:apple:

Because why would anyone waste their time infecting 15% of the computer base?

I'm amazed that someone is so bored that they created a trojan for Apple computers.
 
Not true at all. You can't install this by visiting a website...

Nothing opens automatically, and even if it did, this Trojan requires your user permission to install.
Read and learn.
There are no known exploits that can elevate to admin privileges without user permission.
There are, however, trojans that can be installed without elevated privileges, thus not requiring an admin password.
 
So much for Macs not needing antivirus.

It was on this very site that I read a thread with user after user after user commenting that antivirus was not necessary on a mac because they are immune. Oh well.
 
So much for Macs not needing antivirus.
They still don't need antivirus to be malware-free.
It was on this very site that I read a thread with user after user after user commenting that antivirus was not necessary on a mac because they are immune. Oh well.
Name one post where someone said Macs are immune. If someone said that, they're uninformed.
 
Sorry I asked earlier if Software Update would remove the malware if found? But I got conflicting reports back, is someone sure if it does or does not?
 
Only 4 and a half hours til I get out of work and can go home and check my machine. What a bummer having to worry about these things. I don't get why people have to be jerks and create these problems for people. I haven't installed anything suspicious but I am under the impression that my machine can get a Trojan just by going to certain web pages and not even installing anything? I apologize in advance if I am not understanding correctly how a Trojan can get into my machine.
It's ironic that it's funny when hackers are throwing rocks at windows but now that hackers are having their horses kick the apple, it's not funny anymore.
 
Sorry I asked earlier if Software Update would remove the malware if found? But I got conflicting reports back, is someone sure if it does or does not?
Software Update does NOT remove malware. It only updates Java to a newer version that doesn't have the vulnerability. There is no malware removal function in Software Update. I think the conflicting comment was facetious.
 
I just got the Java update from Apple - this is what it says when you click details:

Java for OS X 2012-001 delivers improved compatibility, security, and reliability by updating Java SE 6 to 1.6.0_31.

Please quit any web browsers and Java applications before installing this update.

See http://support.apple.com/kb/HT5055 for more details about this update.

See http://support.apple.com/kb/HT1222 for information about the security content of this update.
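
Added example, not part of the original post or thread: a small shell check that classifies a Java SE 6 version string against the 1.6.0_31 build named in the update text above. The function names and the sample version lines are constructed for illustration; on a Mac with Java installed, the input would be the output of `java -version 2>&1`.

```shell
#!/bin/sh
# Update number taken from the quoted text: "updating Java SE 6 to 1.6.0_31".
PATCHED_UPDATE=31

# extract_java_version TEXT
# Pulls the quoted version (e.g. 1.6.0_29) out of `java -version` style output.
# Prints nothing if no version line is present.
extract_java_version() {
    printf '%s\n' "$1" | sed -n 's/^java version "\([^"]*\)".*/\1/p' | head -n 1
}

# classify_java6 VERSION
# Prints one of: patched, outdated, not-java6, unknown
classify_java6() {
    ver=$1
    case "$ver" in
        "")      echo unknown; return ;;      # no version found (Java absent?)
        1.6.0)   upd=0 ;;                     # base release, no update suffix
        1.6.0_*) upd=${ver#1.6.0_} ;;         # keep the part after the underscore
        *)       echo not-java6; return ;;    # a different Java family
    esac
    upd=${upd%%-*}                            # drop build suffixes such as "-b04"
    case "$upd" in
        ''|*[!0-9]*) echo unknown; return ;;  # not a plain update number
    esac
    if [ "$upd" -ge "$PATCHED_UPDATE" ]; then
        echo patched
    else
        echo outdated
    fi
}

# Constructed sample inputs (not captured from a real machine).
for sample in 'java version "1.6.0_29"' 'java version "1.6.0_31"' 'no java here'; do
    v=$(extract_java_version "$sample")
    printf '%s -> %s\n' "${v:-<none>}" "$(classify_java6 "$v")"
done
```

A result of `outdated` means the Java SE 6 build predates the one this update installs; `unknown` means no version line was found, which is what a machine without Java would produce.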
 
Read and learn.

There are, however, trojans that can be installed without elevated privileges, thus not requiring an admin password.

This Java exploit can only place itself in your user directories. It doesn't have permission to install itself to /Applications or any system directories. It can't keylog you. It can't delete data outside your user directory. It does not have admin privileges. It also only works on Safari and only modifies websites you visit, even if you give it your admin credentials. If you didn't it would only work on the user account you are currently on since it has no admin privileges to write to another user account or system directory.

This does seem like a flaw of Apple for not properly sandboxing Java and allowing Java to write to:
~/Library/Application Support/
/Users/Shared/
~/.MacOSX/
 
I didn't get this update option when I went to software update this morning. Am I doing something wrong? Or maybe could it be because I never installed java? :confused:
 
Clean here, update your system often and you should not run into these trojans...
The malware self-installs after you visit a compromised or malicious webpage. Obviously, it would be a good idea to update any Macs in your control.

Pre-Intel Mac (PowerPC) users have been left vulnerable for a while since Java and Flash stopped getting updated for those computers, and Apple stopped most security updates for those Macs as well about 8 months ago.
 
Well, this is one:
https://forums.macrumors.com/threads/1354087/

And he is so far the only one. But he sadly didn't care to post in this thread. Which skews things tremendously.

This Russian antivirus company claims around 300K infections in the US. What percentage is that? Let us just calculate really sloppy: Apple sold 2 million Macs in the Christmas quarter in the United States. Around 8 million for the year. Let us say a Mac computer has an average product life of 5 years and look up how many Macs Apple sold in Q4 2006: the answer is 975,000 Macs. Let us assume a linear progression and the total result/estimation is 32 million. So infection rate should be 1%.

According to the Macrumors statistic page there are "Currently Active Users: 12048" (Holy ****! That are many!) 658 users are viewing the Mac OS X subforum. On average 7 of them should be infected. So if the numbers are right I would suspect there should be more postings here?
 
This Java exploit can only place itself in your user directories. It doesn't have permission to install itself to /Applications or any system directories.
You should read that article more carefully. It does, indeed, modify Safari.app, which is in the /Applications folder. An Admin password is not required to modify the contents of the /Applications folder.
It can't keylog you. It can't delete data outside your user directory. It does not have admin privileges.
It doesn't need to do any of those things to affect your Mac. Read again and learn what the payload is.
It also only works on Safari, even if you give it your admin credentials.
Not true. It also affects Firefox.
I didn't get this update option when I went to software update this morning. Am I doing something wrong? Or maybe could it be because I never installed java? :confused:
If you don't have Java installed, there's nothing to update.
 
You should read that article more carefully. It does, indeed, modify Safari.app, which is in the /Applications folder. An Admin password is not required to modify the contents of the /Applications folder.

It doesn't need to do any of those things to affect your Mac. Read again and learn what the payload is.

Not true. It also affects Firefox.
You need to take your own advice and read it more carefully.

It can not write to /Applications/Safari.app/ if you didn't manually give it your admin credentials (assuming you even have it in the first place)... It can not keylog you or spread to other accounts or computers. It can not touch anything outside your limited user account without you manually giving it permission to do so. You have no clue what you're talking about.

This is one of the main differences in why Windows users are so easily exploited and there have been ZERO viruses for OSX over the past 11 years. There is no way for any app to write outside of the user account without requesting the user to manually give an application full administrative access by entering the correct user/pass.

It doesn't affect Firefox or any other browser other than Safari either. It intercepts CFReadStreamRead and CFWriteStreamWrite APIs of Safari. It also has a filter that only allows it to interact with Safari regardless.
 
Thanks for your reply GJJstudios. That makes sense now. I feel kinda dumb for totally forgetting I never even installed java when I set up my new iMac recently. Does the fact I never installed java decrease, increase or not change my vulnerability to this Trojan?
 