Apple fights hundreds of thousands of virus-controlled Macs
Computer giant Apple released a patch this week for its OS X 2012 and 10.6 operating systems about the same time a Russian security company claimed that up to 600,000 Mac computers around the world are being controlled by a piece of malware that sucks targeted computers into a “botnet,” or a makeshift network of computers controlled by cyber-criminals.
Most Mac users are not well-versed in the trials of cyber security, with many having been lulled into a false sense of safety because the Mac platform’s smaller market-share makes it a less favorable target for hackers. But security company Dr. Web said this week that Mac users are becoming more frequent targets for identity theft and other cyber crime, and that one new piece of malware in particular is becoming a grave concern.
Dr. Web used a tactic known as “sinkholing” to trick the criminal network into sending signals to computers at the company’s security center, where technicians were able to monitor the botnet and count how many computers were part of it. They later claimed to have detected over 600,000 Mac computers participating in the criminal enterprise thanks to a Java exploit called BackDoor.Flashback.39.
Over four million websites contained links to the Flashback loader files, Dr. Web said. Those websites, knowingly or not, helped spread the malware through the users’ Internet browser, where it exploits a weakness in Java to install itself to users’ computers. Approximately 56 percent of the infected computers are in the U.S., they added.
Recognizing the potential for an explosion of botnet-controlled Mac computers, Apple and Oracle patched the exploit earlier this week. Prior to the patch, some security companies advised users to completely disable Java on Mac platforms until the exploit could be fixed.
While botnets are not unusual, news of the Mac botnet is due to the relatively small number of viruses and malware created specifically for Apple products. Word of the Flashback program, however, comes just a week after researchers discovered a different Trojan called MacControl, which gives cyber criminals complete control over a users computer. MacControl was seen spreading through emails containing a fraudulent document file that opens the malware along with an actual, non-malicious document, tricking the user into believing they downloaded a legitimate email attachment.
Photo: Shutterstock.com, all rights reserved.