Apple Working to Battle Flashback Virus
Apple Inc. said it is working on a tool to detect and remove the Flashback virus currently infecting Macintosh computers.
"In addition to the Java vulnerability, the Flashback malware relies on computer servers hosted by the malware authors to perform many of its critical functions," Apple wrote in a support blog on its Web site. "Apple is working with ISPs worldwide to disable this command and control network."
The malware made headlines when Russian security firm Dr. Web revealed last week that more than 600,000 Macs were infected with the Flashback virus. The virus is designed to steal personal information from computers. Mac users are tricked into downloading the virus which is disguised as an update to Adobe Flash video viewing software. Once the software is installed it receives directions from computer servers "hosted by malware authors" to collect personal information. Apple is collaborating with Internet service providers to "disable this command and control network". According to Apple the virus has evolved to exploit Java vulnerabilities in unpatched Mac systems.
Apple released a patch for the vulnerability on April 3 and another on April 6. The company did not indicate when it would release the tool to disable the Flashback virus.
Several experts have said that the infection is the biggest yet to target the seemingly invulnerable Apple Mac computers. Kaspersky Lab, another security company confirmed Dr. Web's estimate of the Flashback botnet. Kaspersky analyzed Flashback's communications technique and estimated that approximately 600,000 computers were connected to a contaminated computer. Kaspersky Labs has since then released a collection of tips for protecting Mac computers including a basic tip that users should install anti-virus protection.
The latest attack is seen as a wake-up call for Apple and Apple users about computer protection. Mac users have mistakenly assumed that they would be invulnerable from malware attacks as PC users have traditionally been the target of hackers and virus attacks. This is clearly no longer the case as Apple has grown in popularity and hackers have taken notice of the Mac users. Analysts also blame Apple for dropping the ball on this attack.
"Apple... needs get better about releasing patches for third party code in a more timely manner. A seven week delay is just not acceptable," said Roel Schouwenberg, Senior Researcher for Kaspersky Lab.
"Apple was really behind the timeline here," said Mike Geide, senior security researcher at Zscaler ThreatLabZ, told Computerworld. "What's going to be really, really interesting is when the next major Java vulnerability appears," said Geide. "What will Apple's response be the next time around?"