Wednesday, April 11, 2012

Apple under fire over response to Flashback virus

Lion_1945449b The Trojan virus exploits vulnerability in Java, a programming language widely used by interactive websites, to steal personal information. Third party security firms have detected infections on more than 600,000 Macs, which have been co-opted into a remotely-controlled "botnet",

As well as creating a tool to remove Flashback, Apple said it was working with internet service providers in an effort to disrupt the “command and control” network used by the criminals behind it.

“In addition to the Java vulnerability, the Flashback malware relies on computer servers hosted by the malware authors to perform many of its critical function,” Apple said on its technical support website.

“Apple is working with ISPs worldwide to disable this command and control network.”

Apple released a patch for the Java vulnerability exploited by Flashback last week, but according to security firms, it had already tricked hundreds of thousands into handing over control of their Mac.

“This once again refutes claims by some experts that there are no cyber-threats to Mac OS X,” said Russian firm Dr Web.

The relative lack of computer viruses targeting OS X has long been touted by fans as a major advantage over Microsoft Windows, and Apple itself boasts that with "virtually no effort on your part, OS X defends against viruses and other malicious applications, or malware".

Today though, Kaspersky Lab, a major anti-virus firm, sharply criticised the speed of Apple’s response to Flashback, which was discovered months ago.

“The three month delay in sending a security update was a bad decision on Apple’s part,” said Alexander Gostev, its chief security expert.

Java is developed by the corporate software giant Oracle, which was able to issue a patch for Windows machines itself. Apple controls the distribution of software updates for OS X, however, and did not act until last week.

“Apple doesn't allow Oracle to patch Java for Mac. They do it themselves, usually several months later,” said Mr Gostev.

“This means the window of exposure for Mac users is much longer than PC users. This is especially bad news since Apple’s standard anti-virus update is a rudimentary affair which only adds new signatures when a threat is deemed large enough.”

“Apple knew about this Java vulnerability for three months, and yet neglected to push through an update in all that time!”

Kaspersky Lab has created a website to allow Mac users to check if their machine is infected. The Finnish security firm F-Secure has meanwhile posted details of how to manually remove the Trojan.

The Telegraph

 
News Update Users