Mac Flashback Trojan Removal Tool is here: But it has jolted iOS users

April 17, 2012 | Filed under: Business | Posted by:

The recent Mac Flashback Trojan attack has jolted iOS users to the reality of the vulnerability of the presumed-unbreachable operating system by Apple.

Flashback was a Java-based attack vector that targeted more than half a million OS X and the infected Macs became remote controlled botnets.

Apple did come out with the new Java for OS X Lion update that took care of the problem, but as always, it was a few days behind the actual Java update released by Oracle. However, within the few days of delay, the mischief was done and millions of Mac users found their Macs lose the false aura of impregnable security from malware.

The update released by Apple did a good job by not only provides a fully patched version of Oracle’s Java SE 1.6.0_31, but also got rid of the Flashback malware.

Apple has also taken measure to prevent further threats by configuring their version of the Java plug-in to not execute Java applets automatically by default.

Qualys CTO Wolfgang Kandek said, “We have been telling users to disable or uninstall Java if they do not need it, but we know very well that only very security-conscious users will do so. Giving the task of monitoring Java use to the computer itself is a great idea and it will be interesting to see how user acceptance will work out.”

Despite the major reason the malware was able to attack Macs was late in getting the Java updates, there are other causes that made iOS vulnerable. A good lead is taking care of the Macs with proper Intrusion Prevention System (IPS) rules.

Matt Watchinski, vice president of vulnerability research at Sourcefire, told eSecurity Planet said, “We provide detection of the exploit that delivers Flashback and detection of post-compromise behavior as well, which then allows us to help enterprises have the proper protection.”

Roger Thompson, Chief Emerging Threats Researcher at ICSA Labs, explained the three essential conditions that make a virus attack successful:

He points out, “The operating system has to be well enough understood that people of hostile intent can write malware. The development system needs to be cheap enough that the people of hostile intent can afford it. The target base needs to be big enough to provide a return on the effort.”

He added, “If you’re missing any of these three, you probably don’t have a virus problem. It is why it is not an issue for mainframes or mini-computers, for example. Mac now satisfies all of those conditions.”

Shortlink:

Posted by on April 17, 2012. Filed under Business. You can follow any responses to this entry through the RSS 2.0. You can leave a response or trackback to this entry
  • James Ford

    Do you have any proof that IOS users have been jolted or was the headline used just to get some coverage? My guess (yes I said guess) is that most IOS users have not made a connection of the Flashback malware and their IOS device. While this same type of opening may be found for IOS devices in the future there is none today. You presented nothing in the article to tie your headline to the story you wrote. While the premise is there you did nothing to validate your supposition.