Flashback Trojan infecting more MACs
It seems that MAC has started facing tough days again. Reports states that the previous infection by Flashback Trojan on MAC has been spreading faster than actually expected. Flashback Trojan is a malware which is designed to attack the platform of MAC and to steal the personal information of the user. Its aim is to attack the web browsers and Skype. It gets installed on MAC while visiting the websites that are infected and pretending to be a flash installer. As soon as it gets installed it collects information including the password also and then sends it to the creator. Users get tricked with its identical look with that of the Adobe Flash installer.
MAC was supposed to be much more secure than Windows but in these few years it has witnessed many attacks of same kind. One such type of attack was listed about a year ago. As per a Russian antivirus company, almost about 2% of MACs whose owners have checked the computers have found it to be infected with this malware. Among 55,000 users, who have made use of the Dr. Web’s free tool so as to determine if their MACs are infected, only about 1000 are a part of the growing botnet, this indicates that 1.8% of the MACs are infected. The data of this tool is not scientific as the users have to turn to the Web based tool manually.
It was only last week that Dr. Web has estimated that above half a million MACs have been hit by this malware through drive by attacks and social engineering tricks which has silently exploited critical vulnerability in Oracle’s Java. Later it was revised to be above 600,000. Although many security researchers have mentioned that the numbers by Dr. Web are legitimate, it was not till Friday that Kaspersky Lab based in Moscow was able to give a confirmation regarding the size of the Flashback botnet.
How to known whether your mac pc is infected or not ?
Run following command on terminal and check for the output to determine if your MAC PC is infected or not?
defaults read /Applications/Safari.app/Contents/Info LSEnvironment
defaults read /Applications/Firefox.app/Contents/Info LSEnvironment
defaults read ~/.MacOSX/environment DYLD_INSERT_LIBRARIES
If your MAC is infected, you will get “does not exist” message. By updating MAC, you can avoid the chance of infection. To read more security articles click on the link below.