An Apple a Day Can't Keep Malware Away -This Flashback is No Daydream

By Peter Bernstein April 11, 2012

For all of you Mac users out there, including my daughter, it is time to drop the haughty attitude regarding Mac’s supposed superiority because of its perceived immunity to malware attacks. As has been widely reported, all of that has changed. It turns out that a recent version of malware going by the name of Flashback exploits a flaw in Java in order to install itself on your Mac. Users beware and estimates are there are over 600,000 of you.

Straight from the orchard

If you are a Mac user you might wish to click this link and bookmark it. It is also advised to bookmark this link to Kaspersky Lab which enables Mac users to see if they have been infected. And, it would be advised to read the fine detailed report on this done by the CBS’s Phildelphia TV station Channel 3. In a nut shell here is what Flashback is, does and how to get rid of it.

·         Flashback is malware that exploits a flaw in Java to keep a door open to your computer. It is obtained by visiting malicious websites. 

·         As various article note, so far it is relatively benign in that it is not known to do key-stroke capture but it does send you browsing history to the bad guys server.   

·         Oracle has a patch for this that has not been ported by Apple for use with its OS, but Apple as its site says is “developing software that will detect and remove” it.

What to do today

Fox News has a great list of things you can do today to protect your Mac. It is too comprehensive to produce here, and some of the steps suggested are not as easy as apple pie.   Please take to heart the admonition in the article that the anti-virus software that Apple bundle into OS X 10.7 Lion is not the answer, and that the next version of the software is not much better. I did like their little jibe, “Take a deep breath and say to yourself, ‘Steve Jobs is dead and my Mac is not immune to malware.’ Then install a solid anti-virus product. Today, right now, ASAP.”

The article also recommends that you disable your Java run-time engine if you are not using it which will of course kill your ability to use programs that run it. And, they advise that it is time to ditch your trusted PowerPC Mac because Apple no longer provides security patches for its older workhorse.

Better late than never

There is one final thing that various folks with expertise on the matter have been kind enough to highlight. Not only has Oracle had a patch for some time, but the Java flaw Flashback exploits was patched two months ago for Windows and Linux. 

It is a sad state of affairs that we live in a risky world where no company’s products are immune. Obviously the lesson learned here is there is no alternative to having the best protection possible. It is unfortunately that rotten to the Apple core now has taken on a new meaning.  

Edited by Amanda Ciccatelli
Related Articles

6 Challenges of 5G, and the 9 Pillars of Assurance Strategy

By: Special Guest    9/17/2018

To make 5G possible, everything will change. The 5G network will involve new antennas and chipsets, new architectures, new KPIs, new vendors, cloud di…

Read More

Putting the Flow into Workflow, Paessler and Briefery Help Businesses Operate Better

By: Cynthia S. Artin    9/14/2018

The digital transformation of business is generating a lot of value, through more automation, more intelligence, and ultimately more efficiency.

Read More

From Mainframe to Open Frameworks, Linux Foundation Fuels Up with Rocket Software

By: Special Guest    9/6/2018

Last week, at the Open Source Summit, hosted by The Linux Foundation, the Open Mainframe Project gave birth to Zowe, introduced a new open source soft…

Read More

Unified Office Takes a Trip to the Dentist Office

By: Cynthia S. Artin    9/6/2018

Not many of us love going to see the dentist, and one company working across unified voice, productivity and even IoT systems is out to make the exper…

Read More

AIOps Outfit Moogsoft Launches Observe

By: Paula Bernier    8/30/2018

Moogsoft Observe advances the capabilities of AIOps to help IT teams better manage their services and applications in the face of a massive proliferat…

Read More