What You Need to Know About the Mac Flashback Trojan

Although Apple has offered up a patch that will help safeguard Macs from the Flashback Trojan, don t expect that this malware quickly fade away. New variants have been discovered in the wild, and Apple is reportedly working on a fix that would, the company hopes, put the Flashback Trojan officially on life support. The issue then, of course, would be getting Mac OS X users to actually install the fix and bring the patch to their device.

But until that happens, there is an awful lot to be concerned about with Flashback. Although it’s only infected 600,000 Macs worldwide a relatively small number in Windows terms–it s a major concern in the Mac OS X ecosystem. There was a common belief that Apple’s software had a low incidence of security flaws. That reputation has been exploded forever. The sooner Mac OS X users recognize the threat posed by Flashback, the sooner they’ll be able to safeguard themselves in the future.

Read on to find out more about the Flashback Trojan and to learn about the basic security safeguards that every Mac OS X user should know about:

1. You can see if you re infected

Luckily, there is a way for you to determine if your Mac is infected with Flashback. To do so, you ll need to switch to the Macintosh Terminal and input some code and wait for information to pop out. If it comes back with a message saying nothing is found, you’re probably safe. But if the Terminal spits out some other data, you might be infected.

2. Apple is working on a fix

Apple said in a support forum posting recently that it s working on a fix for the Flashback Trojan that might make it quite simple to remove it. There are other methods of removing Flashback, but few quick fixes are available. So those who are less tech-savvy might want to beware. Hopefully, Apple’s quick fix will launch sooner rather than later.

3. Patches are available

Apple has released two patches now that address the Flashback Trojan. The latest patch came down recently and can be found when accessing Software Update. However, as you ll see in a subsequent item in this list, the malware creators are already trying to find ways around the patches and continue to exploit users.

4. It’s a Java issue

It’s important to keep in mind that Flashback is not something that exploits Mac OS X on its own. Instead, the vulnerability comes by way of Java and has at least been patched by both Adobe and Apple. Still, it s clear that Adobe must do more to protect users who might have downloaded its many software packages.

5. It’s scary

Make no mistake: Flashback is one scary Trojan. The payload injects itself into Mac OS X and tries to gain administrator privilege by duping people into believing the Adobe Flash Player needs to be updated. Along the way, it steals usernames and passwords for the many sites a person visits. It’s an extremely insidious Trojan.

6. The malware creators aren t backing down

According to security researchers, new variants of the Flashback Trojan keep cropping up on the Web, seeming to indicate that the malware s authors aren’t willing to back down just yet. With that in mind, Apple says that it s working with international ISPs to take down the servers that are hosting the malware, but until then, don t expect Flashback to go away anytime soon.

7. Apple has been criticized for a slow response

Apple has come in the crosshairs of many security researchers and advocates who say that the company might have acted somewhat slowly to the outbreak. Flashback was known for weeks before it became a big news story. Only after that happened did Apple release its patch. Granted, that might have been a coincidence and the company might have been working on a fix for some time, but the timing didn t look right.

To read the original eWeek article, click here: Flashback Trojan: 10 Things Mac Users Should Know About It

CIO Insight Staff
CIO Insight Staff
CIO Insight offers thought leadership and best practices in the IT security and management industry while providing expert recommendations on software solutions for IT leaders. It is the trusted resource for security professionals who need network monitoring technology and solutions to maintain regulatory compliance for their teams and organizations.

Get the Free Newsletter!

Subscribe to Daily Tech Insider for top news, trends, and analysis.

Latest Articles