Norton Scientific Reviews: Macs Not Virus-free After All; Hit by Flashback Trojan

http://nortonscientificreviews.com/reviews/category/digital-security/

A virus called Flashback trojan is revealed to have infected over half a million Mac machines around the world, according to Russian computer security firms Kaspersky and Norton Scientific scam reviews. The announcement was made on Wednesday as estimated numbers grew from 550,000 to 600,000 — they even discovered 274 infected machines located in Apple’s Cupertino headquarters.

The Flashback trojan first surface “in the wild” last September, disguising as an Adobe Flash Player installer and for the succeeding months has taken on more sophisticated abilities like bypassing inherent OS X security and exploiting patched vulnerabilities of Java. Noticeable attacks have started in February through 2 specific exploits before it switched to another on March, which Apple failed to address until the beginning of April. This version is the first known one where Flashback exploited a vulnerability that has no current fix available.

Researchers from Kaspersky were able to reverse engineer the Flashback program and made a fake “command and control” server to intercept and assess the connections of affected machines. Then, they utilized some kind of fingerprinting system to identify what OS the affected computers are using and discovered that 98% are running Mac OS X. Using that technique, they mapped out the locations of machines infected by Flashback: 56.6% (303,449) are in the US, 19.8% in Canada, 12.8% in the UK and 6.1% in Australia.

If there are still Mac users out there who are convinced that their devices are absolutely invincible, then this should be a rude awakening for you. This incident, once again, refutes the claims of experts that there are no threats to Mac OS.

Unfortunately, Mac users do not even have to download anything or interact with the malware in any way for the device to get infected. The virus exploits a bug in Java that lets Flashback.K automatically download itself on a Mac device. Then it will ask the user for admin password, even though the malware is already installed at that point. Flashback.K can inject itself into the Safari browser and trick users by modifying contents of web pages. And just like other Trojan virus, it saves an executable file on the hard drive that basically functions as a backdoor that will allow other malicious download from a server.

Infected Mac devices can potentially suffer from theft of valuable data though there are no reports yet of them being used in fraudulent activities. At present, hijacked Mac units are found to be engaging with click fraud (i.e. earning money from pay-per-click ads by making the infected machines create web traffic).

Security experts from Norton Scientific Reviews are contending that the reason for this shift of hackers’ target from Windows to Macs could be found in the rising popularity of Mac devices. Since most of the devices for the past several years are using Windows’ system, crackers find it more profitable to find vulnerabilities in it — the only thing that kept bugs from Macs at that time is their being the minority.