Apple is planning to release a software fix that will find and remove the Flashback malware that has been haunting Mac users for several months now. The latest version of Flashback has built a botnet that at times has included more than 600,000 infected machines.
Apple said on Tuesday
that it was in the process of developing a tool that would detect and
remove Flashback, but the company did not specify when the fix would be
available. Security researchers and customers have been questioning why
Apple hasn't yet provided a fix for the malware even though Flashback
has been around in one form or another for more than six months now. The
most recent variant of the Trojan is exploiting a Java vulnerability
through drive-by download attacks in order to infect users' machines.
Apple,
which is typically mum on security issues, has remained so throughout
the investigation by security firms into the Flashback botnet and it
wasn't until Tuesday that the company made its first public statement
about the issue.
"A
recent version of malicious software called Flashback exploits a
security flaw in Java in order to install itself on Macs. Apple released
a Java update on April 3, 2012 that fixes the Java security flaw for
systems running OS X v10.7 and Mac OS X v10.6. By default, your Mac
automatically checks for software updates every week, but you can change
that setting in Software Update preferences. You can also run Software Update at
any time to manually check for the latest updates," the company said in
a statement. "Apple is developing software that will detect and remove
the Flashback malware."
Apple also said that it is working with
ISPs to help take down the sites that are serving the exploits and
infecting Mac users. Researchers at Kaspersky Lab and other security
companies have taken the step of sinkholing some of the
command-and-control domains that the Flashback malware authors use to
communicate with infected machines. That tactic has enabled the
researchers to keep tabs on the size of the botnet, which was up over
the 600,000 mark late last week but had fallen to less than 250,000 by
Tuesday.
In a podcast interview Tuesday on the Flashback botnet and the response by Apple,
Costin Raiu of Kaspersky said that now that attackers have begun to
focus some of their attention on Mac users, he would expect to see more
of these kinds of attacks in the coming months.
From what Apple
said in its statement, it's not clear whether the fix that the company
is developing will be an update for the XProtect anti-malware software
that's included with OS X or whether it will be a standalone tool. Some
earlier versions of Flashback have had the ability to disable XProtect on infected machines.
Courtesy Dennis
No comments:
Post a Comment