Posted by: Ken Harthun
APT Attack, Flashback Trojan, Mac, Malware, Trojan
Researchers say that infected WordPress sites were the initial attack vector for the Flashback Trojan horse program. Anywhere from 30,000 to 100,000 sites are thought to have been infected during February and early March with 85 percent of the infected machines located in the U.S. According to Kaspersky Lab researchers, the infected sites were rigged with code that silently redirected visitors to a malicious server.
The vulnerability that Flashback exploits is a known vulnerability in Java. Apple has issued a patch and Kaspersky has an online detection and removal tool available.
According to Dark Reading, This is a good example of why Mac users are an APT (Advanced Persistent Threat) attacker’s dream come true:
[Mac users might not have a lot of exploits to worry about, but their lack of security worries makes them an APT attacker's dream come true. See Anatomy Of A Mac APT Attack. ]
At the college where I am Net Admin, we have posted notices to all Mac users to protect themselves against this threat. We have also patched our 75+ iMacs in the Graphics Design and Photography labs.
With the growing popularity of Macs in the enterprise and with many consumers moving to “all Apple” technology — probably spurred on by the popularity of the iPhone and iPad — it’s no surprise that attackers have begun to zero in on the Mac.