The latest version of the Flashback malware that’s infecting Macs has a new command-and-control infrastructure that used Twitter as a fallback mechanism in case the normal C&C system isn’t available. This is not the first time a botnet has used Twitter for some form of command and control, but it’s a good example of the ways in which attackers are always adapting to defenders’ actions and changing their tactics.
Browsing Category: Apple
VIEW SLIDESHOW Mac Malware through the YearsWith the recent glut of high profile Mac-based malware like MacDefender and Flashback, it’s easy to forget that Macintosh computers (and Mac malware) have been kicking around for more than thirty years – longer, even, than Windows malware. In fact, the first documented Mac virus actually predated some of the first PC viruses by a good four years.
Symantec has discovered a new form of Java malware that infects both Apple and Windows machines, according to research posted on the company’s Security Response blog.
BOSTON–Accountability, not superior technology, has kept Apple’s iOS ecosystem free of viruses, even as the competing Android platform strains under the weight of repeated malicious code outbreaks, say researchers Dan Guido of the firm Trail of Bits and Michael Arpaia of iSEC Partners.
Kaspersky Lab‘s latest analysis of the Mac OS X Flashback botnet reveals that the botnet’s malware was spread via drive-by downloads on hacked WordPress web sites.
The number of Macs infected with the Flashback malware continue to decline but it’s not entirely clear to what degree. Initial numbers estimated that there were about 600,000 infected computers in total yet those numbers dropped last week to 237,000 and now, according to research by Symantec published last night, remained around the 140,000 mark this week.
Researchers at Kaspersky Lab says a new malicious program, dubbed SabPub, exploits the same Java security hole as the Flashback Trojan and enables targeted attacks against Mac users.
Apple has released another fix for Java that also is designed to remove several of the variants of the Flashback Trojan that have been plaguing Mac users for months now. The update, released on Thursday, is the latest in a series of attempts by the company to address the Flashback situation.
Researchers have known for a long time that many users don’t pay much attention to updating the third-party software, browser plugins and extensions, and that lack of care has been to the benefit of attackers for years. Attacks on Flash, Java, QuickTime and various other ubiquitous apps have been a major concern for Windows users for the better part of a decade, and now that same situation is presenting itself to Mac users.
Apple, which usually doesn’t get involved much in security issues outside of issuing patches when needed, said it is working with internet service providers around the world to disable the Flashback botnet’s command and control servers.