Security Corner

Apr 22 2012   1:56PM GMT

WordPress sites responsible for Flashback attacks

Ken Harthun Ken Harthun Profile: Ken Harthun

Researchers say that infected WordPress sites were the initial attack vector for the Flashback Trojan horse program. Anywhere from 30,000 to 100,000 sites are thought to have been infected during February and early March with 85 percent of the infected machines located in the U.S. According to Kaspersky Lab researchers, the infected sites were rigged with code that silently redirected visitors to a malicious server.

The vulnerability that Flashback exploits is a known vulnerability in Java. Apple has issued a patch and Kaspersky has an online detection and removal tool available.

According to Dark Reading, This is a good example of why Mac users are an APT (Advanced Persistent Threat) attacker’s dream come true:

[Mac users might not have a lot of exploits to worry about, but their lack of security worries makes them an APT attacker’s dream come true. See Anatomy Of A Mac APT Attack. ]

At the college where I am Net Admin, we have posted notices to all Mac users to protect themselves against this threat. We have also patched our 75+ iMacs in the Graphics Design and Photography labs.

With the growing popularity of Macs in the enterprise and with many consumers moving to “all Apple” technology — probably spurred on by the popularity of the iPhone and iPad — it’s no surprise that attackers have begun to zero in on the Mac.

Fortunately, there is free protection available to Mac users: ClamXav is available on ClamXav’s download page or in the Mac App Store.

 Comment on this Post

There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when other members comment.

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to:

Share this item with your network: