If you’re computing with a Mac and you wound up with the Flashback malware on your system, don’t take it personally. More than 600,000 Macs appear to have been infected by early April, but the good news is that awareness and software fixes from Apple and third-party vendors have shrunk the number of infected machines by half. In all, about 1 percent of current Macs seem to have been compromised with the Flashback malware – a potent reminder that the resources we use every day can be threatened without warning when hackers decide to strike.
Mac users have not been used to coping with the kind of everyday vandalism that has plagued Microsoft Windows for decades. In fact, it’s safe to say that if this had been a PC story rather than an Apple one, it would have made much less of a splash. After all, even a bright new Windows 7 machine routinely downloads updates to prevent malware attacks, and Windows users have grudgingly become accustomed to the countermeasures needed beyond the updates, like antivirus packages, spyware removers and various malware detectors.
But Apple’s OS X operating system is well designed and extremely tricky to compromise. Even more important, Windows has presented an enormous target of opportunity, given the number of installed systems around the planet, and especially the number of large installations in big business and government that have used upgraded versions of Windows to run key systems. The growing success of Apple – OS X now accounts for about 11 percent of desktop computers – invariably catches the eye of the hacker community. The more computers with a particular operating system, the more interesting a target, and thus we get Flashback.
This is pernicious stuff, a software attack that turns your computer into part of a so-called “botnet.” By “bot” I mean “robot,” and your machine becomes one that’s being manipulated by someone else, allowing it to participate without your knowledge in attacks on other computer systems, changing Web advertising on various pages to put money into malware authors’ pockets, and stealing your passwords. Especially pernicious is Flashback’s ability to work without user interaction – the current form of the malware doesn’t need you to download anything, but only to visit a Web page that can exploit a problem in older forms of Java.
We saw Flashback emerge last year in the guise of an installer for Adobe’s Flash software – that one you had to click on to install, so the new version is far more subtle. Fortunately, Apple has now released updates to Java that can detect and remove the malware, and third party removal tools also are available. The problem is rapidly being contained (visit www.support.apple.com to keep an eye on this). But malware that spreads without user action is obviously a concern because what can happen once can happen again. Apple’s Safari browser lets you turn off Java in its preferences menu, and while Java does allow various Web page interactions, many of these are moving to other delivery mechanisms – in other words, keeping Java turned off in your Mac’s browser and only turning it on when it’s specifically needed is a simple step to beef up security.
Java is maintained by Oracle, and some critics are pointing to Apple’s slow adoption of an Oracle update as a contributing factor to Flashback’s spread. That would hardly be a surprise – Microsoft has had to scramble many a time to bring security up to speed and, to its credit, tackled the problem head-on. Apple, we can be sure, will be paying closer attention to security in terms of educating its users about the dangers and keeping its operating system updated.
Everybody learns from a malware outbreak, and the biggest lesson Flashback has to teach us is that no matter how clever the marketing, no desktop computer is invulnerable.
Paul A. Gilster is the author of several books on technology. Reach him at firstname.lastname@example.org.