A couple of days back, around 5,50,000 Mac users all over the world were infected by the Flashback Trojan. Apple’s computers were always shielded from the worms and viruses that plagued Windows-based computers for a long time. The trojan, posing as a common plug-in for internet browsers, is capable of stealing passwords and other personal information from unsuspecting victims. Norton was one of the first security companies to offer a free tool to detect and eliminate the trojan. A couple of days later, Bitdefender launched a virus scanner to get rid of the malicious code. While the number of infected machines has dropped, the threat is far from over.

Down but not out

Down but not out

According to Kaspersky Labs, more malware targetting Mac users could be on the way. The company have identified other SabPub variants that can be used for another attack on Mac users. The malicious code is also known to be hosted on websites that advertise themselves as user-generated video services. As the user lands on the compromised page, a piece of Javascript code loads a Java applet that exploits the locally-installed version of Java. Successful exploitation leads to the download and execution of a malicious file identified by Bitdefender as MAC.OSX.Trojan.FlashBack.L. This Trojan has a backdoor capability (which means an attacker can seize full control of your Mac) and also tries to harvest usernames and passwords used for services such as Gmail, PayPal, and e-banking, amongst others. Symantec estimates about 140,000 Macs that are still infected by the Flashback Trojan despite of all the security patches and programs released by various companies. The numbers keep varying from different companies but the fact of the matter is that the threat is not over yet and there’s still a possibility for more attacks. The way Kaspersky sees it, the Flashback infections were spread over WordPress websites that were hijacked. While it’s difficult to pin-point the source of the attacks, the company believes that the attacks are part of “eastern euro-cybercrime” group. Apple’s new Gatekeeper security feature should help strengthen security when it launches this summer but till then, stay cautious.

Tags: , , , , , , , ,