The Mac-specific Flashback Trojan created a zombie army of 550,000 Mac machines by exploiting a Java hole that Apple only patched on Tuesday, six weeks after Microsoft plugged it up on Windows machines. This is according to Russian anti-virus firm Dr Web, which arrived at the figure after it successfully managed to sinkhole one …
Ramchyld, so you're running an OpenBSD? Sure, no kidding? And may I ask, do you know, if a person starting the thread in your link is running plenty of OpenBSDs along with a Debian? And he/she is not kidding either:
"I have installed a deb from a site claiming to be an Screensaver however it looked dodgy however I proceeded."
Just, FYI, try not to install outside of central repositories, especially with sudo/root and/or binary only (even from gnome-looks. website) . With major distros/BSD users have a huge selection of various software, unlike their Windows counterparts. Possible reasons of going against such practices might be either recent switch from Windows, or a low IQ.
Another "not-a-Windows-fanboy" had a similar joke http://forums.theregister.co.uk/forum/containing/1359363 . Yours is good too :)
On a serious note, I've seen names of alleged Linux viruses and trojans on some antivirus makers' websites. All of them had nothing to claim about their relevance in the wild, except for a couple from the early 90s supposedly infected tens or hundreds of Unix users.
Fanboi slates Java, misses point in 3, 2, 1...
Only a matter of time until a Fanboi comes along to tell us how crap Java is, this isn't Apple's fault, Macs are still 100% virus-free and did I mention how good Apple are?
Re: Fanboi slates Java, misses point in 3, 2, 1...
Well, let's face it, Java is crap... and I've known since at least 1989 that Mac OS is vulnerable to viruses if I don't pay attention to what the hell's going on.
Serious question - no Apple or Java bashing here. Why is it that Apple manage the Java updates for OSX when Oracle do them for Windows and Linux? From what I've read it seems Apple would prefer Oracle to do this, but how did they get into this situation in the first place?
As part of their desperate attempts to become relevant again c.1999, Apple built Java directly into OS X and made it an on-the-box feature. The OS hence not only could run standard Java apps exactly as if they were native but included a rich set of bindings so that you could write fully native apps directly with the native frameworks but in Java. Per its designers, Java descends more from Objective-C than from C++ so I guess Apple were positioning themselves to be able to go fully Java if the market embraced it, hence they needed direct control over the thing.
In the end the market chose Objective-C (though revisionists don't seem to remember it this way), Apple worked on advancing that and deprecated the native Java bindings after only a few versions and dumped the default inclusion of the Java runtime at all as of the current version. Cyberduck is the only big OS X app I'm aware of with a Java core, Neooffice/J having once also been quite popular but probably not so much since Open/LibreOffice went native.
It was quite stupid that Apple were still maintaining Java separately and more slowly, and this is exactly the sort of flaw that doing so has exposed. So it's good that they don't do that any more, though it's far from being Apple's only security problem.
So, you need to have Java or Flash installed. I have neither on my Mac, so am I safe ? Surely rather than bashing Apple, is this not the fault of Adobe and Oracle ?
If you don't have Java on your Mac then you should be safe, yes.
It's not the fault of Adobe (this time). The security 'hole' is in Java. Oracle patched this particlar hole in February, but Apple maintain their own version of Java fo OSX and it took them until Tuesday to issue a patch.
What you are seeing is a back lash against Mac users. When Windows users pointed out that the flaw was in a 3rd party application fanbois shot back and said windows should of never allowed it to happenand macs don't get infected.
They switched exploit (CVE-2012-0507, from CVE-2011-3544 and CVE-2008-5353) on March 16 I think.
Thanks for the reasonable reply - my post got so many downvotes even for asking a question.
Apple vs Windows is worse than Liverpool / Everton or Arsenal / Tottenham.
Good point. I don't have "runtime Java" installed that I know of, and I maintain a very tight whitelist in FlashBlock.
Don't know enough about Oracle to comment on Java, but I have enough experience with Adobe products to know that Flash and Acrobat practically scream pwn me, PWN ME!
I've never tried installing Liverpool, Arsensal, Tottenham or Everton on my computer. What features do they offer?
Bloody, bloody java...
I'm currently vulnerable to this, as my main install of Java is a bit out of date, but updating it on Windows, when you run as an user, is a pain - even if you authenticate as admin, it fails with a folder creation error, so you have to log out, login as Admin...yeah, I'm lazy.
But not only that - a lot of programs that rely on Java (e.g. SPSS/PASW) use their own JVM to ensure that it is compatible, and these never get updated, which is a bit of a security hole...
It's a shame it's useful, otherwise I'd just get rid of it.
Re: use their own JVM to ensure that it is compatible
Yep. You don't want to get me started on programmers working on critical apps that depend on Java versions that Sun stopped supporting 2 years before they sold out to Oracle.
Mac users will....?
<Switches off SMUG mode>
they told me Apple computers didn't get viruses!
Say it's not so Steve!
Re: But, but...
Don't get Windows virus. Are you really so thick?
Re: But, but...
Riiiight, anonymous fanboi. I never said macs did/didn't get infected by Windows viruses.
English is obviously not your first language.
Re: But, but...
So lets examine you English skills
Where in the advert does it say that Macs can't get a virus? - It doesn't, Not even once.
They'r clearly talking about a Windows Virus. Which a Mac cannot get. Yes, they can pass them on.
So you're original comment "they told me Apple computers didn't get viruses!" is actually completely wrong. They never said it at all.
English may be your first language, but you're not very good at it. Stick to picture books
I DONT HAVE TO WORRY ABOUT MICROSOFT VIRUSES I HAVE A MAC
There are no viruses on Mac's.
I was told this. It must be true.
I've noticed a distinct dislike of Mac users on El Reg, nothing wrong with that, anyone who spends double the value because it has a customised version of linux on it deserves to be mocked. I mean really, I've tried using a mac, honestly I have. But its just terrible. Shame Microsoft is trying to copy them now.
*jumps on the Linux boat*
> it has a customised version of linux
Macs don't run Linux, customised or otherwise.
I think he meant Unix. It's easy for the layman to get the two mixed up sometimes (like affect and effect for most people), so cut him some slack.
>Macs don't run Linux, customised or otherwise.
Sure they do - My mum ran Debian on an old purple PPC iMac for years.
Yep, got Unbuntu running on an old PPC power book
that about covers it.
I thought he was another holier than thou Linux user?
Enjoy the show
Sit back, put your feet up, get the popcorn out and be prepared to watch the spark fly as the forumites kick off.
Remember play nice girls and boys
Re: Remember play nice girls and boys
Now, where did I put the remote that turns on the rotation, tilt, and spikey things?
"exploiting a Java hole that Apple only patched on Tuesday"
Er, Apple aren't maintaining Java for OS X on their own. As your own article states, Oracle are involved in this release too.
Apple are no more interested in keeping Java limping along than they are in supporting Flash on iOS. Both are obsolete technologies that have lasted well beyond their Use By date.
Re: Apple aren't maintaining Java for OS X on their own.
What bit of "only runs on OS X 10.7" did you not understand?
After checking that my Mac was clean, I thought that I'd see which version of Java is installed. So I typed java -version into bash. The result was:
No Java runtime present, requesting install.
Needless to say, I clicked cancel when it asked me if I wanted to install Java. So unless a user has explicitly installed Java on their Mac, then they're safe (this time).
Nice to see El Reg forums maintaining their usual standards...
For anyone interested, instructions on checking for and removing the malware are here :-
The only observation I would make is that, of the number of active OSX computers in use (given the sales of OS updates & etc), 500,000 is actually quite a small percentage. So they've got off lightly, basically.
Thank you for posting something useful!!!!!!!!
This is BS. I have been operating a Mac and an IPod for years and I've NEVER, repeat NEVER, got a virus but I know people running windows who have get thousands of viruses all the time.
Anyway a Trojan isn't even a Virus. Plus it's Javas fault, not Apples. and anyway Windows had viruses first.
How do you know you NEVER, repeat NEVER, got a virus? Every Mac user I've come across in the last 20 years, has refused to install any Antivirus, therefore wouldn't actually know if they had got a Virus.
If you check I think you will find that the first 'virus' was written for UNIX
NonNomNom.... you really know someone (you said people which would be more than one person) with "thousands" of viruses on their computer(s)? I think not. So...we know that's not factual, so what else isn't factual in your posts?
...depends on how you define "thousands". I did once end up cleaning a computer that had well over 100,000 running copies of the same worm, each with its own executable in c:\windows\system. "Slow" doesn't begin to describe it.
And yes, trolling troll is trollicious.
I didn't have to clean it up, but our Sr. Tech did.
Back in the early virus fighting days, Sr. Pilot fish installed really good AV that you can't get anymore (It didn't even trust updates it downloaded itself, and unless you'd granted explicit permissions to directories you couldn't write there either) on server for a client. Client got a virus. Virus said you the system was infected and could be cleaned, but the AV needed to be turned off first. AV was configured to quarantine, not delete and had been running for over a year catching many, many viruses and stopping them from infecting the system. Client dutifully turned off AV and proceeded to "clean" the infection. Which of course released EVERY virus from the quarantine.
I was so glad I wasn't Sr. Tech that day.
You may write as many viruses as you want. More interesting is how much chances they will have to infect and spread outside of the lab. For this matter count those viruses for *nix that have been allegedly detected in the wild along with the percentages.
AMOF, This case shows that:
1) Java runtime is a pretty dangerous technology to be allowed in a web browser, nothing to say it is almost always redundant stuff
2) Apple is sloppy
3) Oracle may also be sloppy
Reminds me of something, that does.
Re: @Aqua Marina
...then you haven't come across very many Mac users then, have you?
Every Mac user I know (including me) has AV installed - if only to avoid inadvertently forwarding a Windows virus to a windows-using friend.
Some of us Mac users DO have friends who use Windows - and we STILL talk to each other and remain friends...
Re: @Aqua Marina
I agree. If you did not at least have Disinfectant in you Mac toolkit back when, you should be ashamed of yourself.
And I'd like to add that I've lived through an ugly Autostart 9805 worm/virus infection on my old PowerMac G3 to tell the tale.
NomNomNom is trolling
Thank you and have a nice day
- Nokia: Read our Maps, Samsung – we're HERE for the Gear
- Kaspersky backpedals on 'done nothing wrong, nothing to fear' blather
- Episode 9 BOFH: The current value of our IT ASSets? Minus eleventy-seven...
- Too slow with that iPhone refresh, Apple: Android is GOBBLING up US mobile market
- NASA to reformat Opportunity rover's memory from 125 million miles away