OSX_FLASHBCK: A Backlash to Apple’s Popularity?
The Flashback malware discovered last week is raising doubts over the security of the Mac platform. The Trojan, detected by Trend Micro as OSX_FLASHBCK.AB, continues to be a hot topic in the computing industry and it opposes Apple’s own concept that their Mac OS are threat-proof. But this attack, along with an onslaught of malware and targeted attacks, put Apple’s self-proclaimed security into perspective.
Flashback is not only a piece of malware but a family of Trojans, and most recently, backdoors. It was first uncovered on October 2011 masquerading as a Flash Player installer. The next variants we have seen were dropped by malicious Java files that exploited Java vulnerabilities. Flashback variants typically modify the content of a web browser. They do this by exploiting Java vulnerabilities.
Specifically, OSX_FLASHBCK.AB comes from malicious Java files that exploit CVE-2012-0507. The said vulnerability has been patched for Windows environments as early as February this year. Apple released the same patch to its Mac users this month.
Based on Trend Micro’s Smart Protection Network data below, users from the United States are the most affected by OS_FLASHBCK.AB:
Despite Apple’s claims, Mac operating systems have never been safe from malware, let alone any attack. Jamz Yaneza, Threat Research Manager at Trend Micro, believes that attackers’ recent focus on Mac OS may be due to its growing market presence. US is also a prime target of Mac-related threats as this Gartner study cites Mac’s impressive user penetration in the country.
Where the money is
It is also worth noting that Macs may be an attractive target for cybercriminals because of its user base. Mac computers are generally priced higher than Windows PCs, which may indicate the income level of Mac users. A 2002 Nielsen study proves this to be true, concluding that most Mac users are likely better educated and have higher income compared to PC users.
We can also expect other threats to jump ship and target Mac OS. Because of online banking’s importance and prevalent use, online-banking Trojans may be the next wave of malware that will invade Macs.
Trend Micro Protection from Flashback
Trend Micro products actively detect and remove the OSX_FLASHBCK.AB as well as the following Flashback malware:
- OSX_FLASHBCK.A – Trojan that disguised itself as a Flash Player installer for Macs
- OSX_FLASHBCK.DL – exploits two Java vulnerabilities
- OSX_FLASHBCK.IC – steals information via injection into web browser
Flashback is not the only security concern that Mac users should be worry about. We have previously reported other threats that may harm systems running on Mac OS. To know more about these, you may read the following links below:
- Another Tibetan-Themed Malware Email Campaign Targeting Windows and Macs
- Game Change: Mac Users Now Also Susceptible to Targeted Attacks
- News of Malicious Email Campaign Used As Social Engineering Bait
- More Malware For Mac
We also posted an infographic for consumers “A Look Into the Most Notorious Mac Threats“, which gives more details about the most notorious Mac threats that ordinary Mac users may encounter.
Trend Micro users need not worry, as they are protected from this threat via Smart Surfing for Mac, which promptly detects Flashback variants.
Post from: TrendLabs | Malware Blog – by Trend Micro