BOSTON–Accountability, not superior technology, has kept Apple’s iOS ecosystem free of viruses, even as the competing Android platform strains under the weight of repeated malicious code outbreaks, say researchers Dan Guido of the firm Trail of Bits and Michael Arpaia of iSEC Partners.
Browsing Category: Apple
Kaspersky Lab‘s latest analysis of the Mac OS X Flashback botnet reveals that the botnet’s malware was spread via drive-by downloads on hacked WordPress web sites.
The number of Macs infected with the Flashback malware continue to decline but it’s not entirely clear to what degree. Initial numbers estimated that there were about 600,000 infected computers in total yet those numbers dropped last week to 237,000 and now, according to research by Symantec published last night, remained around the 140,000 mark this week.
Researchers at Kaspersky Lab says a new malicious program, dubbed SabPub, exploits the same Java security hole as the Flashback Trojan and enables targeted attacks against Mac users.
Apple has released another fix for Java that also is designed to remove several of the variants of the Flashback Trojan that have been plaguing Mac users for months now. The update, released on Thursday, is the latest in a series of attempts by the company to address the Flashback situation.
Researchers have known for a long time that many users don’t pay much attention to updating the third-party software, browser plugins and extensions, and that lack of care has been to the benefit of attackers for years. Attacks on Flash, Java, QuickTime and various other ubiquitous apps have been a major concern for Windows users for the better part of a decade, and now that same situation is presenting itself to Mac users.
Apple, which usually doesn’t get involved much in security issues outside of issuing patches when needed, said it is working with internet service providers around the world to disable the Flashback botnet’s command and control servers.
Apple is planning to release a software fix that will find and remove the Flashback malware that has been haunting Mac users for several months now. The latest version of Flashback has built a botnet that at times has included more than 600,000 infected machines.
Dennis Fisher talks with Ryan Naraine and Costin Raiu about the Flashback Mac botnet, why Apple is reluctant to let third parties update software on Macs and the future outlook for the security of Macs.
Mac malware is still enough of an oddity that the existence of a single botnet made up of Macs has prompted a huge amount of publicity and finger-pointing in the general direction of Apple. The furor over the Flashback malware seems to be receding a bit, and researchers say that the number of unique bots connecting to a sinkhole server dropped significantly over the weekend. But that doesn’t mean that the threat is over.