Mac: Malware, Trojans

User Group Network UGN Safenetting and Cybercrime report Congratulations, Apple. The Mac is now popular enough to attract major attention from the bad guys
* Flashback the largest Mac malware threat yet
* Apple Hits Flashback Trojan With Second Java Update
* What you need to know about the Flashback trojan
* Apple malware flourishes in a culture of denial
* How to reinstall OS X after malware infection
* Need more?
Oh, there’s LOTS more


Flashback the largest Mac malware threat yet

Unless you’ve been living under a rock for the past week, you’ve probably heard about Flashback, a piece of malware targeting users of Apple’s Mac OS X that’s now estimated to be quietly running on more than 600,000 machines around the world.
      That number, which came from Russian antivirus company Dr. Web earlier this week, was confirmed today by security firm Kaspersky. More than 98 percent of the affected computers were running Mac OS X, the firm said.

Apple Hits Flashback Trojan With Second Java Update

Apple WormApple has issued a second security update aimed at Flashback, the Mac malware that has reportedly infected 600,000 computers since last year.
      As Intego notes, the Java for OS X 2012-002 update appears to be same as the one Apple issued earlier this week, but the latest update is aimed only at Max OS X Lion users. It’s possible, Intego says, that Apple found a glitch in the first update that would make a new release necessary.
READ THIS REPORT Full story : PCWorld

What you need to know about the Flashback trojan

Flashback is the name for a malicious software program discovered in September 2011 that tried to trick users into installing it by masquerading as an installer for Adobe Flash. (Antivirus vendor Intego believes Flashback was created by the same people behind the MacDefender attack that hit last year.) While the original version of Flashback and its initial variants relied on users to install them, this new form is what’s called in the security business a drive-by download: Rather than needing a user to install it, Flashback uses an unpatched Java vulnerability to install itself.
      If you visit a malicious (or unwillingly infected) website hosting Flashback, the program attempts to display a specially crafted Java applet. (We don’t yet know how many websites host Flashback.) If you have a vulnerable version of Java installed and enabled in your Web browser, the malicious code will infect your system and then install a series of components.

READ THIS REPORT How can I tell if I’m infected?
READ THIS REPORT Full story : Macworld

Apple malware flourishes in a culture of denial

Most Mac users don’t use anti-virus software because they believe that their machines are impervious to malware. This outbreak could make the Apple ecosystem more secure by encouraging more Mac users to defend their systems.
      Apple could help. The company spent many millions of dollars on TV advertising that contrasted a hipster-style Mac guy with a more businesslike PC character, and the Mac’s freedom from virus infections was a core message. Apple could usefully spend a few millions running some more TV adverts to say: “Sorry, Macs CAN be infected, and we recommend you take precautions.” Obviously, Apple will not spend any of its spare $100 billion helping its users in this way.
READ THIS REPORT Full story : By Jack Schofield ,

How to reinstall OS X after malware infection

While instructions are available to remove the latest malware threats for OS X, some may choose to simply reinstall OS X and start from a clean slate.
      So far the malware has been fairly well described, and is not viral in nature, so for any particular variant it installs to a single location and runs from there to affect the system. As a result, when a variant has been characterized, you should be able to remove it from your system by following detailed instructions.

Need more? Oh, there’s LOTS more . . .

The news waves are humming like a shark feeding frenzy — smug days for Macs may be over …. need more? Here, pig out . . .

  • Alarmed about botnet trojan, Apple releases updates : Washington Post
  • Virus hits half a million Macs: How to protect yourself : Fox News
  • Widespread Virus Indicates Macs No Longer Safe : New York Times
  • With half a million Macs infected, Apple issues anti-malware patch :
  • Three-quarters of Macs without anti-malware software : BetaNews

READ THIS REPORT Full story : Google reports on Mac Malware

What did you miss in the last Safenetting post
GO Send in your items for Safenetting readers
GO Facebook Safe Netting
GO Join / Like / contribute : UGNN FaceBook Group, (ug.netnews)


If you think you’re a victim, file a complaint with the
GO FBI Internet Crime Complaint Center : IC3.

You can also keep up with the efforts to curb spam and cybercrime by reading the news at
GO Knujon and
GO And, you should
GO switch to SpamCop and take a stand against spam.