Flashback the largest Mac malware threat yet

April 09 [Mon], 2012, 11:22
Unless you've been living under barbour a rock for the past week, you've probably heard about Flashback, a piece of malware targeting users of Apple's OS X that's now estimated to be quietly running on more than 600,000 machines around the world.
That number, which came from Russian antivirus company Dr. Web by security firm Kaspersky. More than 98 percent of the affected computers were running Mac OS X, the firm said.
That's certainly a big number, but how does it stack up to past threats?
"It's the biggest, by far," Mikko Hypponen, chief research officer at antivirus and computer security firm F-Secure, told CNET in an e-mail. "I'm afraid the malware-free times of Mac users are behind us permanently."
Separately, Catalin Cosoi, chief security researcher for antivirus-software maker Bitdefender, said the infection was likely the largest for the Mac so far this decade, but that there's no precise way to measure how many Mac OS computers have been compromised.
"600,000 represents around 12 percent of the Mac OS computers sold in Q4 2011," Cosoi said, "which means that if we count the number of Mac OS devices sold in the past three years, we can barbour jacket estimate that less than 1 percent of the Mac OS computers are possibly infected. On the other hand, if we look at the actual numbers and not at the percentages, the numbers look pretty scary."
The consensus among security researchers is that a threat this size has been long overdue for the Mac, in no small part because of the platform's growing popularity.
Apple has outpaced the growth of the PC industry for , according to data from IDC. While the company's iOS devices, like the , have not surprisingly seen much faster growth and overall sales in recent years, Apple also broke a Mac sales record in its last quarter, -- all of which were, of course, running the company's proprietary operating system.
That kind of growth, which as of February barbour saleput Apple's installed base of Mac OS X users at 63 million, has not gone unnoticed by attackers, according to security researchers.
"As more people buy and use Macs, we'll see more malware," Charlie Miller, a principal research consultant for Accuvant Labs, told CNET by telephone. "Part of it too is that it's a Java vulnerability, and the actual exploit is OS independent, so (malware writers) didn't have to know how to write an OS X exploit."
In this particular instance, the weak point that malware writers were targeting was Java, a technology Apple hasn't included out of the box on its computers since 2010, but that it supports with its own releases. The runtime is used from anything from enterprise applications to popular 3D games like . In November 2010, when barbout jackets, Apple said it would continue to maintain these versions through Lion, but that Java SE 7 and beyond would be handled and distributed by Oracle.
Java or no, Paul Ferguson, a senior threat researcher at Trend Micro, suggested that HTML5 -- a Web standard in progress that Apple, Microsoft, and other browser makers are helping to build -- holds the same type of threat for future attacks.
"Wait until HTML5 becomes more ubiquitous for similar types of threat vulnerabilities, and you can have a botnet that runs in your browser," Ferguson cautioned. "The more ubiquitous these platforms are, it won't matter if it's a mobile device or a computer. It it's running Java or any other cross-platform technology, the threat is there."
Malware programs are designed to harvest user information that can be sold to third parties, or used for fraudulent activities. www.officialbarbourshop.com Infected machines can also be used as botnets, which can be rented for use in distributed denial of service attacks. Flashback is the latest in a series of attacks against Mac users through malware -- though it turns out not to be so new.