At one time many people bought a Macintosh computer because they believed it was immune to viruses, Trojans and other malware. That was never really true, but for a long time the Mac was not a target for hackers. Those days are long gone.
PC World reports in an article titled Mac Trojan Infections Exceed Half Million, that over 600,000 Macintosh computers are infected with the Flashback Trojan Botnet.
A botnet is created when malicious software is installed on a large number of computers that can then be simultaneously controlled remotely by hackers. Botnets are typically used to launch denial of service attacks attacks on web servers. Because the attacks are coming from hundreds of thousands of computers with different IP addresses, the attacks can be hard to stop.
The Trojan, which is formally named BackDoor.Flashback.39, infects a computer after the user has been redirected to a malicious site, where the Java-based Trojan is loaded via JavaScript. Apple has released a Java update to prevent and presumably patch the infections.
The Flashback malware is technically called a Trojan because it originally pretended to be an installer for Adobe’s Flash Player. Subsequent versions pretend to be a Java updater or a Mac program updater. According to reports, the latest version does not require any interaction from users. The Flashback Trojan can be installed simply by visiting an infected web site.
Over the past week Apple has released two Java updates to patch the vulnerability problem. All Mac users should install the updates, but just make sure you are installing a valid update from Apple. If you have a Macintosh and are looking for information about detecting the Trojan and applying the patch, check Apple’s Support Community thread about the Flashback Trojan.
Here is some new information posted by Apple about the update: Java Update for OS X Lion 2012-003.
If you own a Macintosh and do not own anti-virus software, start looking for a good anti-virus system. Welcome to the real world.