About 300 variants of Mac malware were detected before 2012, while more than 70 have been detected in just the past three months. Note: You can also grant an exception for a blocked app by clicking the Open Anyway button in the General pane. The app is saved as an exception to your security settings, and you can open it at any time by double-clicking it, just as you do with any registered app.
Kaspersky Lab noted that attacks on Mac OS X have increased over time. Control-click the app icon, then choose Open from the shortcut menu. Flashback and its known variants is downloader and clickjacking bot, which means it conducts click fraud scam by hijacking people’s search engine results inside their web browsers." "SabPub is classic backdoor Trojan, so it opens full access to a victim’s system for attackers. "The Flashback and the SabPub Trojans are totally different," Gostev said. However, Alex Gostev, chief security expert of Kaspersky Lab, told Mashable that the similarities end there. SabPub spreads via an exploit in Java, like Flashback. This new malware discovery comes hot on the heels of the highly publicized Flashback virus, which infected more than 650,000 Mac users at its peak. So while this could be an example of why you might want to get anti-virus software, it could also be an example of why OS X itself, and common sense, is the only thing you need.Over the weekend, Kaspersky Lab discovered a new Trojan that infects Apple Mac computers, called SabPub or, reports Mashable. And this variant of Flashback was easy to detect and remove before then, with absolutely no special software. Or, did so after Apple has already issued its patch.Įven if the answer is #1, they would have only beat Apple by a few days. Didn't updated their software to defend against this attack.
Did quickly update their software to defend against the Java/Flashback trojan, but failed to mention that important fact in any of their public relations postings.Ģ. They jump on these incidents to publicize that there are threats and try to use fear to sell their products. I don't know because the anti-virus companies don't seem to mention that anywhere.
Now your question is very interesting: "Would the main anti-virus companies not have updated their definition much quicker than the Apple fix came in?" Apple Releases Java Update Includes Fix for Vulnerability Exploited by Flashback Malware Posted on April 4th, 2012 by Peter James Apple has released Java for OS X 2012-001 and Java for Mac OS X 10.6 Update 7, featuring a dozen security fixes, including one that has been used a recent variant of the Flashback malware, CVE-2012-0507.
But once the problem existed, Apple jumped in and quickly released a patch for those that did have Java installed. So Lion by itself wasn't susceptible to this problem as Lion doesn't include Java. That is why so many people didn't get the Software Update notice - you only get it if you have Java installed. It wasn't a dangerous flaw until someone exploited it by creating a trojan that used that flaw to deliver the Flashback malware.Īpple actually stopped installing Java by default with Lion. Viruses can re-inject files onto your phone, perhaps doing more damage. It was simply that Java had a flaw that could be used to run something without the user's permission. The "problem" that Oracle was aware of a while ago wasn't the Flashback trojan. You still had to perform an action yourself (download and open the Word doc, visit a malicious web site). The previous trojan horse delivery mechanisms were very weak in that they had to ask your permission. In those cases it differed in that it didn't ask permission to install.
The Java app and MS Word docs were interesting cases. And then recently a Java app on a web page. Recently, the delivery mechanisms have varied. It doesn't contain X (or maybe it does, to hide the trojan better) but it instead installs the malware on your computer. You go to a site and it offers a pirated version of app X, so you download it. For a long time this was fake downloads named after popular software. First, however, realize that the "Flashback trojan" and its variants have been around for some time, on both Windows and Mac.Īs a trojan, the main concern is the delivery mechanism.