Although Apple has offered up a patch that will help safeguard Macs from the Flashback Trojan, dont expect that this malware quickly fade away. New variants have been discovered in the wild, and Apple is reportedly working on a fix that would, the company hopes, put the Flashback Trojan officially on life support. The issue then, of course, would be getting Mac OS X users to actually install the fix and bring the patch to their device.
But until that happens, there is an awful lot to be concerned about with Flashback. Although its only infected 600,000 Macs worldwidea relatively small number in Windows termsits a major concern in the Mac OS X ecosystem. There was a common belief that Apples software had a low incidence of security flaws. That reputation has been exploded forever. The sooner Mac OS X users recognize the threat posed by Flashback, the sooner theyll be able to safeguard themselves in the future.
Read on to find out more about the Flashback Trojan and to learn about the basic security safeguards that every Mac OS X user should know about:
1. You can see if youre infected
Luckily, there is a way for you to determine if your Mac is infected with Flashback. To do so, youll need to switch to the Macintosh Terminal and input some code and wait for information to pop out. If it comes back with a message saying nothing is found, youre probably safe. But if the Terminal spits out some other data, you might be infected.
2. Apple is working on a fix
Apple said in a support forum posting recently that its working on a fix for the Flashback Trojan that might make it quite simple to remove it. There are other methods of removing Flashback, but few quick fixes are available. So those who are less tech-savvy might want to beware. Hopefully, Apples quick fix will launch sooner rather than later.
3. Patches are available
Apple has released two patches now that address the Flashback Trojan. The latest patch came down recently and can be found when accessing Software Update. However, as youll see in a subsequent item in this list, the malware creators are already trying to find ways around the patches and continue to exploit users.
4. Its a Java issue
Its important to keep in mind that Flashback is not something that exploits Mac OS X on its own. Instead, the vulnerability comes by way of Java and has at least been patched by both Adobe and Apple. Still, its clear that Adobe must do more to protect users who might have downloaded its many software packages.
After Flashback, the Macs Aura of Invulnerability Is Gone Forever
5. Its scary
Make no mistake: Flashback is one scary Trojan. The payload injects itself into Mac OS X and tries to gain administrator privilege by duping people into believing the Adobe Flash Player needs to be updated. Along the way, it steals usernames and passwords for the many sites a person visits. Its an extremely insidious Trojan.
6. The malware creators arent backing down
According to security researchers, new variants of the Flashback Trojan keep cropping up on the Web, seeming to indicate that the malwares authors arent willing to back down just yet. With that in mind, Apple says that its working with international ISPs to take down the servers that are hosting the malware, but until then, dont expect Flashback to go away anytime soon.
7. Apple has been criticized for a slow response
Apple has come in the crosshairs of many security researchers and advocates who say that the company might have acted somewhat slowly to the outbreak. Flashback was known for weeks before it became a big news story. Only after that happened did Apple release its patch. Granted, that might have been a coincidence and the company might have been working on a fix for some time, but the timing didnt look right.
8. It speaks of more trouble to come
Although Flashback could be worse, it indicates that Mac OS X isnt nearly as successful at stopping Trojans as previously believed. The operating system is certainly secure and one might argue it has more safeguards in place than Windows, but to believe that more trouble wont be coming after Flashback would be a mistake.
9. Security firms were behind
Unfortunately, security firms just arent up to par when it comes to handling Mac OS X security threats. In the case of Flashback, for example, security firms didnt initially respond to the threat with some semblance of a solution for a couple days, allowing the Trojan to spread and work unchecked during that time. That said, its important to note that users havent really safeguarded themselves, so they must share the blame.
10. Stopping Java use in the browser will help
Finally, keep in mind that since Java is the issue with Flashback, it can be controlled by eliminating Java use in the browser. Granted, it might not be the most convenient or worthwhile solution, but its the safest solution for now. All major browsers advise users to turn off Java.