Antivirus Firms Release Free Tools for Cleaning Macs Infected by Flashback

[faroZ06]

Company offers free antivirus software? Is this not just a precursor to getting you to buy there antivirus software. Coming from a PC background I've always been suspicious that Norton and others have 1 department creating viruses whilst another creates antivirus software. Or am I just skeptical?
Either way as I'm waiting to buy a new iMac I'm less than happy to hear about Mac viruses.

All Mac antivirus software is a scam. My mom's friend paid a lot of money to get her Mac cleaned of "viruses". Anyway "Mac antivirus" is an oxymoron. As for antimalware, that is easy to do without paying.

----------

I dunno, man. They used Unix based mainframes at Isla Nublar, and look how that turned out.

I laughed when I saw that part in the movie when I first watched it in 2011. The kid said, "This is a UNIX system!"

 

[AidenShaw]

All Mac antivirus software is a scam. My mom's friend paid a lot of money to get her Mac cleaned of "viruses". Anyway "Mac antivirus" is an oxymoron.

People who don't admit that "virus" and "malware" mean the same thing to most people miss the point.

If your identity and credit card numbers are sent to criminals in the Ukraine - is it "OK" if malware sent the info and "bad" if a virus sent the info?

I'd think that most people would label it as "bad" regardless of minor technical details of the infection.

And add to that the simple truth that viruses aren't really that common anymore - OS changes have made the threat of viruses fairly small. When you get a product like Norton, you're buying "anti-malware" protection - even if the product name contains the word "antivirus" for historical familiarity.

 

[faroZ06]

People who don't admit that "virus" and "malware" mean the same thing to most people miss the point.

If your identity and credit card numbers are sent to criminals in the Ukraine - is it "OK" if malware sent the info and "bad" if a virus sent the info?

I'd think that most people would label it as "bad" regardless of minor technical details of the infection.

Both are equally bad, yes, but viruses are easier to get infected by and typically harder to remove. Antivirus software is a must when you are vulnerable to viruses because they will infect you without you knowing.

However, Apple is already preparing for malware attacks, and Mac malware has been easy to get rid of so far. Having antivirus on a Mac barely does anything, and it doesn't do anything that can't be done easily for free. In fact, it slows you down and costs a considerable amount of money, so it's not worth it.

The antivirus is even sometimes worse than a virus.

 

[AidenShaw]

Both are equally bad, yes, but viruses are easier to get infected by and typically harder to remove. Antivirus software is a must when you are vulnerable to viruses because they will infect you without you knowing.

So, the 600K Apples infected with Flashback all had users who knew that they were being infected?

LOL

Just get off the "virus vs. malware" track - malware is where the money is, there are very few viruses in the wild today. Network firewalls (both OS level and home router-based, and even simple NAT) and OS changes have greatly reduced that potential for virus propogation.

"Drive-by malware" (like Flashback) is where the money is. The criminals are exploiting application holes and user ignorance - and both Windows and Apple OSX have application holes and ignorant users.

 

[linuxcooldude]

People who don't admit that "virus" and "malware" mean the same thing to most people miss the point

That's why we have security professionals who do know the difference. There will always be a market that caters to the detection, removeal & prevention of viruses, malware, trojans etc. just because of the average person not knowing these things. It may not matter to the general public, but does so to the buisnesses who provide these services.

 

[faroZ06]

So, the 600K Apples infected with Flashback all had users who knew that they were being infected?

LOL

Just get off the "virus vs. malware" track - malware is where the money is, there are very few viruses in the wild today. Network firewalls (both OS level and home router-based, and even simple NAT) and OS changes have greatly reduced that potential for virus propogation.

"Drive-by malware" (like Flashback) is where the money is.

To answer your question, no, and I never said they knew. The 600K users infected themselves unknowingly by opening the malware (and not just getting infected by a virus). And why are you mentioning that malware is where the money is? I know that. I also know that viruses are becoming less of a problem than before since less people are making them. More reasons not to get antivirus for Mac. I'm pretty sure that there will be no Mac virus.

Even if you were to go with the belief that they can get viruses, it is unlikely that a Mac virus will ever be created because even if Mac OS becomes the dominant PC OS, by then, nobody will be making viruses anymore at all. Why get antivirus for Mac?

----------

I dunno, man. They used Unix based mainframes at Isla Nublar, and look how that turned out.

I wonder if that was product placement, UNIX in Jurassic Park?

 

[AidenShaw]

The 600K users infected themselves unknowingly by opening the malware (and not just getting infected by a virus).

And were the 600K happy that they were infected by malware rather than a virus?

As I said, just get off the "virus vs. malware" track - to almost everyone they are the same thing, something bad on the computer.

More reasons not to get antivirus for Mac.

As I said, companies sell packages that protect against threats, even as the threats evolve. A product named "FUBAR AntiVirus" may contain anti-malware as well as anti-virus features.

Don't dismiss a possibly useful security tool because it has the five letters "v i r u s" in its name.

I'm pretty sure that there will be no Mac virus.

And I'm pretty sure that the people infected with this and future Apple OSX malware won't give a damn about petty distinctions between "virus" and "malware".

 

[faroZ06]

And were the 600K happy that they were infected by malware rather than a virus?

As I said, just get off the "virus vs. malware" track - to almost everyone they are the same thing, something bad on the computer.




As I said, companies sell packages that protect against threats, even as the threats evolve. A product named "FUBAR AntiVirus" may contain anti-malware as well as anti-virus features.

Don't dismiss a possibly useful security tool because it has the five letters "v i r u s" in its name.




And I'm pretty sure that the people infected with this and future Apple OSX malware won't give a **** about petty distinctions between "virus" and "malware".

They won't notice the difference between the two, but malware requires no 3rd party software to deal with easily. Viruses do. Antivirus protects against malware, but so do easier (and free and less computer-taxing) procedures.

Viruses may seem the same as malware to users, but they are a way bigger threat. I just installed Windows 7 fresh on an HP machine and opened IE just once and didn't go anywhere besides the Chrome and Safari download pages. It already got a virus that spammed IE with toolbars and such for some retarded search engine as well as installing AOL stuff. I didn't do anything!

Therefor, antivirus is only useful for viruses or swarms of malware. Currently, Mac OS has neither, and Apple is apparently going to take care of the swarms of malware should they appear. There is no reason to get 3rd party antivirus software for Mac. All it would do is defend you from malware that can be defended against easily anyway.

 

[Risasi]

Smugness is unbecoming.

Really. Let me repeat, you could become a Flashback victim by merely viewing a web-site, quite possibly a Wordpress blog.

Doesn't change the fact that almost nobody needs to have the JRE or SDK installed. Why do you want to have something installed that you don't use, but makes you susceptible to cracking attempts? why do you need Java installed?

Why don't more Java coders sandbox and package a JavaVM in with their installer? Then you really wouldn't need to have it installed...

*Why doesn't Sun/Oracle stop blatting their stupid dll's all over the place and stop putting their Javaw.exe in the sustem32 directory where it can't find said dll's?

Why do people get the runtime environment and JavaScript confused?

---

Whatever, shoot the messenger. If somone yells at you about the imminent danger of standing on the subway rail are going to deride them too because they are too "smug".



*Windows specific

 

[Thana6tos]

OH, GROW UP! and go back to PC.

'infected' suggests its a virus. thought macs didnt get viruses. haha

 

[faroZ06]

OH, GROW UP! and go back to PC.

I don't know if the original post or this ^^ is sarcasm or not... People need to be more clear when trying to use text to convey a conversation.

----------

Doesn't change the fact that almost nobody needs to have the JRE or SDK installed. Why do you want to have something installed that you don't use, but makes you susceptible to cracking attempts? why do you need Java installed?

Why don't more Java coders sandbox and package a JavaVM in with their installer? Then you really wouldn't need to have it installed...

*Why doesn't Sun/Oracle stop blatting their stupid dll's all over the place and stop putting their Javaw.exe in the sustem32 directory where it can't find said dll's?

Why do people get the runtime environment and JavaScript confused?

---

Whatever, shoot the messenger. If somone yells at you about the imminent danger of standing on the subway rail are going to deride them too because they are too "smug".



*Windows specific

I think calling Java "useless" is fanboyism. Although the security threat of Java is lame, it is good for web apps. But is it true that you can get this so easily from visiting a site? And I'm sure legitimate sites don't get infected with something that makes them spread it to Macs.

Flash was horrible, and it was reasonable to blame Adobe in that case, but people shouldn't just start calling Java a horrible standard to shift the blame over to them. Mac OS is susceptible to malware just like Windows is, but Apple is actually going to take care of it for us with app signing and security updates.

 

[Renzatic]

Viruses may seem the same as malware to users, but they are a way bigger threat. I just installed Windows 7 fresh on an HP machine and opened IE just once and didn't go anywhere besides the Chrome and Safari download pages. It already got a virus that spammed IE with toolbars and such for some retarded search engine as well as installing AOL stuff. I didn't do anything!

That's not a virus. What you're seeing there is the totally excessive and completely unnecessary crap HP stuffs on their "restoration discs" and/or recovery partitions to bug the everliving hell out of you. If you're going to install Windows 7, make sure you're using a proper Win7 disc, and nothing provided by the OEMs.

I know it's not a virus because that wouldn't happen otherwise. IE is locked down tighter than a drum these days. You won't get any toolbars installed on it without your express permission.

 

[faroZ06]

That's not a virus. What you're seeing there is the totally excessive and completely unnecessary crap HP stuffs on their "restoration discs" and/or recovery partitions to bug the everliving **** out of you. If you're going to install Windows 7, make sure you're using a proper Win7 disc, and nothing provided by the OEMs.

I know it's not a virus because that wouldn't happen otherwise. IE is locked down tighter than a drum these days. You won't get any toolbars installed on it without your express permission.

Actually, the HP came with Windows Vista. That didn't last long because I soon rage-destroyed the OS. I installed Windows 7 from a real disc bought from Microsoft, nothing hardware-specific. This is actually the second time installing Windows 7 on the machine (the first one got killed when I did sudo rm -rf /* in Ubuntu on the same computer). The first time I installed it, nothing happened. The second time, I got these search bars and adware out of nowhere.

And the search bars it installed (and also set my homepage to) were for Babylon search. I searched it online and got a bunch of removal instructions for it. It somehow installed itself on a fresh Windows 7.

http://www.google.com/search?client=safari&rls=en&q=Babylon+search&ie=UTF-8&oe=UTF-8

 

[Renzatic]

I dunno, man. You've got to be doing something really amazingly incredibly weird to get a whole stack of toolbars like that on IE8 in Win7. The only thing I can figure is, A. you're prodigiously unlucky, or B. You've installed AOL for some reason, and that's why you have those toolbars. AOL is one of those annoying programs that likes to override everything, and tuck itself into every nook and cranny it can find.

Otherwise, hell...search me. I surfed around on multiple sites using IE8 just the other day, and I didn't pick up toolbar one. Getting them tacked on just by visiting the Safari and Chrome sites? That's nigh on unheard of.

The only thing I can tell you to do is hop onto Windows Update and grab IE9 as soon as you can. I use it occasionally on my computer, and I know it doesn't do anything weird like that.

 

[faroZ06]

I dunno, man. You've got to be doing something really amazingly incredibly weird to get a whole stack of toolbars like that on IE8 in Win7. The only thing I can figure is, A. you're prodigiously unlucky, or B. You've installed AOL for some reason, and that's why you have those toolbars. AOL is one of those annoying programs that likes to override everything, and tuck itself into every nook and cranny it can find.

Otherwise, ****...search me. I surfed around on multiple sites using IE8 just the other day, and I didn't pick up toolbar one. Getting them tacked on just by visiting the Safari and Chrome sites? That's nigh on unheard of.

The only thing I can tell you to do is hop onto Windows Update and grab IE9 as soon as you can. I use it occasionally on my computer, and I know it doesn't do anything weird like that.

Yeah, it's very strange. I actually just installed the OS and didn't download anything except for a couple of browsers. Anyway, I don't care that much because I don't use IE at all. Even if it affects other stuff, I still don't care much because I don't use that computer for anything except for random tests. My dad got it for... long story, but he ended up giving it to me quickly after getting a taste of Vista combined with the HP Pavilion Slimline, one of their worst PCs.

Anyway, it doesn't matter. It's just an example of the kind of thing antivirus software is good for killing.

 

[Goldenbear]

Yeah, it's very strange. I actually just installed the OS and didn't download anything except for a couple of browsers. Anyway, I don't care that much because I don't use IE at all. Even if it affects other stuff, I still don't care much because I don't use that computer for anything except for random tests. My dad got it for... long story, but he ended up giving it to me quickly after getting a taste of Vista combined with the HP Pavilion Slimline, one of their worst PCs.

Anyway, it doesn't matter. It's just an example of the kind of thing antivirus software is good for killing.

My SOP for installing Windows is to first download the latest anti-virua/anti-malware apps/definitions on my Mac. I install Windows without any networking enabled, then install the updates (transfer over via flash drive).

As far as all these Mac anti-virus software, would ANY of them have stopped this thing on day one?

 

[iWonderwhy]

Bogus indeed. Says I'm infected, I download the tool, run the scan, says to restart my machine, which I do. I then go back to the web-based flash checker, enter the UDID again, and says I'm infected. Just a sham IMO, all patches have been downloaded. Never went to any suspicious URLs either. Meh, not putting too much weight on this.

 

[Hyper-X]

Quite frankly all the comments about how "the problem isn't a virus" and how Macs are immune to them contribute to why non-Mac users keep thinking we're all clueless. Those who continue to believe Macs are like the "unsinkable Titanic" obviously are doomed to repeat the same mistakes.

It's not as important for us to know whether the problem is technically a virus than it is to recognize that Macs can be affected by malicious software, and hiding behind the "small Mac demographic" as an effective defense isn't good enough anymore. Xprotect alone isn't good enough.

While I don't think everyone should overreact/panic and rush to get antivirus, I still believe it's still good to have something. I've said this before and I stand by this... as a former IT tech now engineer, Macs are always a huge risk to mainstream Windows-based networks because they're often "carriers" of potential harmful content. Just because your Mac can't be affected by a Windows-based malware, with no form of outgoing protection/validation, there's nothing stopping your Mac from infecting/spreading them.

The opposite could be true as well, you wouldn't want to deal with Windows machines introduced into your Mac-dominant network if it was an unknowing carrier of Mac-specific malware. Responsible computing goes beyond just looking at what can affect your own computer.

 

[Mr. Gates]

The more you tighten your grip, Apple , the more malware will slip through your fingers.

 

[MuppetGate]

Doesn't change the fact that almost nobody needs to have the JRE or SDK installed. Why do you want to have something installed that you don't use, but makes you susceptible to cracking attempts? why do you need Java installed?

There are lots apps running behind corporate firewalls that need Java to run. Developers using Macs to write open source frameworks often use IDEs build around Java. And there are even a few apps popular on Macs (like MoneyDance) that need a JVM to work.

In any case, blaming Java is really just burying your head in the sandbox. If Apple had fixed the problem when Oracle patched Java way back in February then this wouldn't have happened. The fault lies entirely with Apple.

Why don't more Java coders sandbox and package a JavaVM in with their installer? Then you really wouldn't need to have it installed...

Because a full JRE installation is huge for one thing, but the main reason is bug fixes. If a vulnerability is found in the Java then it can be patched in one place and then all the apps that use it are covered. Separate JREs, aside from using large amounts of disk space, would mean that each app would need to be updated.
Having a single shared JVM/JRE is better, unless your JVM vendor is as lax as Apple.

*Why doesn't Sun/Oracle stop blatting their stupid dll's all over the place and stop putting their Javaw.exe in the sustem32 directory where it can't find said dll's?

Can't say I've ever had a problem with a JVM installation, so I can't help with that one I'm afraid.

Why do people get the runtime environment and JavaScript confused?

Because years ago, Netscape tried to cash in on the Java name by naming their ECMAScript implementation Javascript. No one thanks them for it.

 

[Skoopman]

I still don't believe the 600,000 figure.

Me neither, but I know 2 people who are infected. Btw, there is also the free Bitdefender Virus Scanner. It took only a few minutes to scan my system, no infection.

 

[Winni]

What? Minecraft? lol

Java is inherently awful. If you need to use it... I am very sorry

If you use Java, that usually simply means that you live in the world of grown ups where people use their computer for business and work and not just to browse through Facebook and YouTube. Whether anyone likes it or not, Java is - and remains - the number one platform for enterprise software and it also still is the most widely used programming language on the globe.

Apple only lost their interest in Java when they realized that enterprises did not want to use Macs and when it became very obvious that Apple had turned into a pure consumer brand.

 

[tblrsa]

I guess with GateKeeper active, this malware would have had its fair share of troubles executing on the victims machine.

 

[kiljoy616]

'infected' suggests its a virus. thought macs didnt get viruses. haha

Its a trojan and its part not so much of OS X but Flash and Java, now Apple has and this company has to fix it. When oh when will these outdated languages die off. Feels like they are taking for ever. I guess no real incentive for things to happen.

4 Mac's not one infections, oh wait I never use Java hahahahahaha. Has anyone but the trolls really gotten an infections?

----------

I guess being too lazy and, frankly, cheap to spend that $29 seems pretty stupid now, doesn't it?

Spending the money would be what I consider stupid. Still have no virus/trojan/worm/bacterial infections ever since owning a Mac and right now there are 4 at home running OS X Snow leopard and Lion.

Was not even worried about this, still suspicious of the whole thing.

 

[Oletros]

Its a trojan and its part not so much of OS X but Flash and Java, now Apple has and this company has to fix it. When oh when will these outdated languages die off. Feels like they are taking for ever. I guess no real incentive for things to happen.

And exactly why is an outdated language?

Has anyone but the trolls really gotten an infections?

Ah, you're only talking nonsense and you don't have a clue about what you're talking about