Close
  • Latest News
  • Big Data and Analytics
  • Cloud
  • Networking
  • Cybersecurity
  • Applications
  • IT Management
  • Storage
  • Sponsored
  • Mobile
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
Read Down
Sign in
Close
Welcome!Log into your account
Forgot your password?
Read Down
Password recovery
Recover your password
Close
Search
Logo
Logo
  • Latest News
  • Big Data and Analytics
  • Cloud
  • Networking
  • Cybersecurity
  • Applications
  • IT Management
  • Storage
  • Sponsored
  • Mobile
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
More
    Home Cybersecurity
    • Cybersecurity
    • IT Management
    • Mobile
    • PC Hardware

    Apple Issues Second Patch for Flashback Trojan

    By
    Jeff Burt
    -
    April 7, 2012
    Share
    Facebook
    Twitter
    Linkedin

      Apple is continuing to fight back against a Trojan that has infected more than 600,000 Mac computers, reportedly issuing a second patch this week.

      The latest update, issued April 6 and called Java for OS X 2012-002, is substantially the same as the first one issued for the Flashback Trojan, though it appears to apply only to OS X Lion, officials with security software maker Intego said in a post on the company€™s blog.

      €œIt is possible that Apple discovered a minor glitch in the first update, necessitating a new release,€ the blog post read. €œIt seems that this update is only available for Lion, whereas the first update was for both Snow Leopard and Lion. In any case, it is essential that all Mac users apply this update. The Flashback malware has been very active in the wild, and can install with no user interaction, if Java is not patched.€

      The Flashback exploit first surfaced last year, and has resurfaced in past weeks, with Russian security software company Doctor Web saying April 4 that as many as 550,000 Macs€”more than half of them in the United States€”have been infected. They later upped that number to more than 600,000.

      Apple issued its first patch April 3, then followed up with the second three days later.

      €œSystems get infected with BackDoor.Flashback.39 after a user is redirected to a bogus site from a compromised resource or via a traffic distribution system,€ Doctor Web officials said in an April 4 blog post. €œJavaScript code is used to load a Java-applet containing an exploit. Doctor Web’s virus analysts discovered a large number of Websites containing the code.€

      Cyber-criminals began exploiting two vulnerabilities in February, then switched to another after March 16, they said. That last vulnerability was closed by Apple€™s patch April 3, according to Doctor Web.

      Flashback and a growing number of other malware incidents targeting Macs over the past have shaken Apple€™s reputation for security in their products. Last year saw the Tsunami Trojan and Revier/Imuler Trojan, as well as Mac Defender, a fake antivirus program that tried to steal credit card data from Mac users.

      With the growing popularity of Mac and other Apple devices, security experts say Apple and its customers can expect more attention from cyber-criminals. In the last calendar quarter of 2011, Apple sold more than 37 million iPhones, 15.43 million iPads and 5.2 million Macs, the company reported in January.

      “This latest wave of infections is a wake-up call to Mac users that their system is not immune to threats,” Mike Geide, senior security research at Zscaler ThreatLabZ, said in an email after the April 3 patch was released. “And the need to follow best security practices, such as remaining current with patches, is ubiquitous€”it doesn’t matter if you’re using Windows, Mac, or even [a] mobile phone.”

      The first version of Flashback was designed to look like an update to Adobe Flash€”giving the Trojan its name. However, the subsequent variants hit Mac users who had visited Websites that were harboring the malware.

      Doctor Web officials said in their blog that the company was able to redirect some of the Flashback traffic to their own servers in an operation known as €œsinkholing.€

      In an April 3 blog post, Intego officials said they had been finding new variants of the Flashback Trojan since March 23, and that they were not all identical to what other security companies were finding. Still, there are steps Mac users can take to protect themselves, they said.

      €œIn any case, the safest thing that users can do is turn off Java in their Web browser,€ Intego said in its blog post. €œIf you use Safari, choose Safari > Preferences, then click on Security. Uncheck Enable Java, to ensure that no Java applet can run. For other browsers, check in their security preferences as well.€

      Jeff Burt
      Jeffrey Burt has been with eWEEK since 2000, covering an array of areas that includes servers, networking, PCs, processors, converged infrastructure, unified communications and the Internet of things.

      MOST POPULAR ARTICLES

      Cybersecurity

      Visa’s Michael Jabbara on Cybersecurity and Digital...

      James Maguire - May 17, 2022 0
      I spoke with Michael Jabbara, VP and Global Head of Fraud Services at Visa, about the cybersecurity technology used to ensure the safe transfer...
      Read more
      Big Data and Analytics

      Alteryx’s Suresh Vittal on the Democratization of...

      James Maguire - May 31, 2022 0
      I spoke with Suresh Vittal, Chief Product Officer at Alteryx, about the industry mega-shift toward making data analytics tools accessible to a company’s complete...
      Read more
      Big Data and Analytics

      GoodData CEO Roman Stanek on Business Intelligence...

      James Maguire - May 4, 2022 0
      I spoke with Roman Stanek, CEO of GoodData, about business intelligence, data as a service, and the frustration that many executives have with data...
      Read more
      Applications

      Cisco’s Thimaya Subaiya on Customer Experience in...

      James Maguire - May 10, 2022 0
      I spoke with Thimaya Subaiya, SVP and GM of Global Customer Experience at Cisco, about the factors that create good customer experience – and...
      Read more
      Cloud

      Yotascale CEO Asim Razzaq on Controlling Multicloud...

      James Maguire - May 5, 2022 0
      Asim Razzaq, CEO of Yotascale, provides guidance on understanding—and containing—the complex cost structure of multicloud computing. Among the topics we covered:  As you survey the...
      Read more
      Logo

      eWeek has the latest technology news and analysis, buying guides, and product reviews for IT professionals and technology buyers. The site’s focus is on innovative solutions and covering in-depth technical content. eWeek stays on the cutting edge of technology news and IT trends through interviews and expert analysis. Gain insight from top innovators and thought leaders in the fields of IT, business, enterprise software, startups, and more.

      Facebook
      Linkedin
      RSS
      Twitter
      Youtube

      Advertisers

      Advertise with TechnologyAdvice on eWeek and our other IT-focused platforms.

      Advertise with Us

      Menu

      • About eWeek
      • Subscribe to our Newsletter
      • Latest News

      Our Brands

      • Privacy Policy
      • Terms
      • About
      • Contact
      • Advertise
      • Sitemap
      • California – Do Not Sell My Information

      Property of TechnologyAdvice.
      © 2021 TechnologyAdvice. All Rights Reserved

      Advertiser Disclosure: Some of the products that appear on this site are from companies from which TechnologyAdvice receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. TechnologyAdvice does not include all companies or all types of products available in the marketplace.

      ×