Last week an exploit in Java for Mac was revealed, which resulted in 600,000 Macs being affected by the Flashback botnet, a first for Apple's Mac platform. The flaw was originally found by security firm Dr Web, but Apple kept mum. However, that did not stop Kaspersky Labs from releasing a web tool to check whether a user's system was infected, as reported by AllThingsD.
The tool checks the Mac's UUID against a list of machines known to be affected and tells the user whether the machine is affected. If your machine is part of the affected bunch, Kaspersky also has a removal tool.
Now even Apple has come clean. The company posted a summary of the Flashback malware on its support page. It even stated that Java, Mac OS X Lion and Mac OS 10.6 were among the affected products. For what it's worth, Apple had pushed out an update for Java on April 3; however, as Mac computers check for software updates on a weekly basis, chances are most users are yet to update their systems.
Apple has also revealed that it is working on its own anti-malware tool for the Flashback malware, which will detect and remove it from Macs around the world. In addition to the Java exploit, the Flashback botnet relies on computers hosted by the malware authors to perform many of its critical functions. Apple says that it is working with Internet Service Providers throughout the world to disable this command and control network.
Having said this, Forbes notes that Apple has distastefully asked Russian Web Registrar Reggi.ru to shut down three domains used by Dr Web, the security firm that initially detected the problem. The report says that Dr Web had been utilizing these domains as a spoofed command and control server to monitor the collection of hijacked machines and also to understand their behavior. In fact, it was by using this technique that Dr Web was able to report this exploit initially.