Flashback Trojan: 'Mac Virus' Hits Macs

by NowPublic Staff | April 5, 2012 at 09:03 am

'Mac Virus': Macs Infected by Malware: Flashback Botnet Spreads

The conventional wisdom states that Macs are immune to viruses, trojans, and other malware. This is not true: Macs are less easily exploited, but still exploitable. Case in point: the Flashback trojan, whose botnet has infected over 600,000 Macs since it first appeared in September 2011.

(Everyone's calling this a "Mac virus", but it's actually a trojan.)

Most of the Macs pwned by the Flashback botnet are in North America.

Apple has already released a fix: check your Mac's Software Update for the OSX Java patch and install it. Also see:

Mashable has compiled the terminal commands into one-click AppleScripts, which you can download here:

Network security tools such as Little Snitch, Avast!, VirusBarrier, iAntiVirus, or Packet Peeper prevent BackDoor.Flashback.39 from installing. If you're running Leopard or Snow Leopard, or if you're running Lion with Java enabled, your machine is exploitable.

The Flashback malware is injected via malicious websites masquerading as legit sites. Be wary of URLs such as:


According to some sources, links to more than four million compromised web-pages could be found on a Google SERP at the end of March. In addition, some posts on Apple user forums described cases of infection by BackDoor.Flashback.39 when visiting dlink.com.

Attackers began to exploit the CVE-2011-3544 and CVE-2008-5353 vulnerabilities to spread malware in February 2012, and after March 16 they switched to another exploit (CVE-2012-0507). Apple closed that vulnerability only on April 3, 2012.

Scrivener

This extrajudicially persecuted and U.S. military contractor censorship regime censored veteran mainstream journalist knows that Macs can be infected, because all of my Macs (and PCs, too) have been hyperjacked via spyware and even radio frequency malware that makes my computers "virtual machine" slaves of the censorship regime, which is run out of Lockheed Martin Information Systems for USG agencies and commands. The boot-up firmware also has been infected on my Macs; that firmware comes off a chip on the motherboard. If the infection was not done via wireless RF intrusion, then the censorship regime used the Lockheed Martin-administered cell tower radio frequency directed energy (RFDE) system to keep me "under" in deep sleep while Lockheed-coordinated community vigilantes entered my premises, removed my computer to a nearby "black op" house, corrupted the firmware and returned the computer to my premises. Don't think the multibillions going to counties all over the U.S. to fight "terrorism" are funding such black operations? You are wrong.

LOCKHEED MARTIN RUNS DRACONIAN CENSORSHIP REGIME FOR U.S.  AGENCIES/COMMANDS  -- INTERCEPTS, CENSORS, TAMPERS WITH TELECOMMUNICATIONS OF EXTRAJUDICIALLY 'TARGETED' AMERICANS, LEAVING THEM VULNERABLE TO I.D. THEFT, FRAUD, SAYS VETERAN JOURNALIST:

http://nowpublic.com/world/u-s-govt-censors-internet-political-speech-fraud-deception

http://nowpublic.com/world/u-s-govt-uses-spoofed-web-pages-and-urls-censor-internet
http://viclivingston.blogspot.com

                                                  


