The Flashback malware discovered last week is raising doubts over the security of the Mac platform. The Trojan, detected by Trend Micro as OSX_FLASHBCK.AB, continues to be a hot topic in the computing industry and it opposes Apple’s own concept that their Mac OS are threat-proof. But this attack, along with an onslaught of malware and targeted attacks, put Apple’s self-proclaimed security into perspective.
Flashback is not only a piece of malware but a family of Trojans, and most recently, backdoors. It was first uncovered on October 2011 masquerading as a Flash Player installer. The next variants we have seen were dropped by malicious Java files that exploited Java vulnerabilities. Flashback variants typically modify the content of a web browser. They do this by exploiting Java vulnerabilities.
Specifically, OSX_FLASHBCK.AB comes from malicious Java files that exploit CVE-2012-0507. The said vulnerability has been patched for Windows environments as early as February this year. Apple released the same patch to its Mac users this month.
Based on Trend Micro’s Smart Protection Network data below, users from the United States are the most affected by OS_FLASHBCK.AB:
Despite Apple’s claims, Mac operating systems have never been safe from malware, let alone any attack. Jamz Yaneza, Threat Research Manager at Trend Micro, believes that attackers’ recent focus on Mac OS may be due to its growing market presence. US is also a prime target of Mac-related threats as this Gartner study cites Mac’s impressive user penetration in the country.
Leave a reply