MAY 2012: After decades of a practically malware-free existence, Mac users have to do something new: watch out for botnets and viruses and Trojans, oh my. Two strains of malware written specifically for Macs — Flashback (or Flashfake) and the SabPub — have been infecting Macs like crazy this year via a vulnerability in Java programming (details below).
In fact, in 2012 more than 70 Mac malware variants have been detected. Compare that to the 300 variants in all years past combined. It’s not that Macs have been more secure until now. It’s that they’ve been such a small island in the computing pond that hackers had been simply playing the odds.
But those carefree days have hopped away forever. So Mac owners, now it’s your turn to tell cyber criminals “Game on!” Here’s how:
First things first: check your Mac to see if it’s infected with Flashback. This free Flashback checker from anti-malware specialist Kaspersky Lab is fast and easy to use. If your computer has been infected, remove it using the free Kaspersky Flashback Removal tool.
Next, update your Mac software. Apple released a Java-Security update in mid-April. Choose Software Update from the Apple menu, if your Mac hasn’t already prompted you to install it. For greater protection, manually disable Java.
Once your Mac is free from Flashback, take the next step: get anti-virus software, if you don’t already have it. Kaspersky sells it and so does Intego, Norton, BitDefender, ESET, F-Secure and others (see the TopTen Reviews).
And if you use Macs for business, you need to manage them just like PCs! Make sure your security strategy has you completely covered.
At Flashback’s peak on April 6, it’s estimated 670,000-800,000 Macs worldwide were infected, with half of those being in the US. That’s the worst Mac attack to date, with numbers rivaling those of the most successful botnet attacks of all time. As of late April, the number had come down, but reports vary. And now a new strain has been detected. It’s still unknown whether Apple’s mid-April update eliminates this version, too.
Flashback-infected Macs become part of a botnet, or group of computers controlled by a single source (which isn’t you!) that can spread viruses, send spam, display fake search engine results, steal data, crash servers and more. The more computers in the botnet, the more danger it poses.
The second piece of Mac malware is a Trojan called SabPub that’s completely different from Flashback. SabPub is being used to attack specific targets, such as pro-Tibetan organizations. It gets into Macs through the same Java vulnerability and also two infected Microsoft Word files named “10th March Statement.” If you somehow get one of those files, don’t open it!