Over 600,000 Apple Macs have been infected by the Backdoor.Flashback trojan, according to research from Russian anti-virus firm, Dr. Web.
In September the Mac trojan posed as a Flash player installer; if you tried to download or install Flash player from from a malicious site, there was a chance your Mac would be infected by the malware. Security software on your computer would deactivate as you clicked through the various sections of the installation process.
The virus evolves
Now the malware has been updated and is more sophisticated: ‘Flashback.K’ takes advantage of a vulnerability in Java’s software framework on machines running Mac OS X.
According to Dr. Web, most of the infected computers are in the US (57%), followed by Canada (20%). Only 13%, 68,577) of cases are in the UK – around 0.15% of the 45 million Macs across the globe.
Fixes and checks
Apple has released a security update to patch the Java vulnerability, which can be found on the Apple site.
If you want a simpler way to check whether your computer’s infected, technology publication Ars Technica has a quick Flashback checker designed by one of its readers.
Apple distributes its own Java updates, and security researchers have reportedly spent years criticising the way this is done.
Apple has failed to keep up with the Java updates that Microsoft and Linux distributors release to their customers; Oracle (Java’s developer) released a patch in February, but Apple’s own security update only appeared eight weeks later.
- Best antivirus firewall software – our lab tests reveal the best on the market
- Security software FAQs – all you need to know about viruses and security software
- Security software reviews – we test using real viruses, spam email and phishing scams