Malware Authors Get Boost from Apple's Sluggish Updates, Infect 600K Macs
April 6, 2012 8:40 AM
comment(s) - last by
(Source: Science Photo)
Apple refuses to let Oracle patch Java directly, cybercriminals celebrate 2 months of easy hunting
If you have a Mac and you browse the internet, there's a chance your "secure" Apple, Inc. (
) computer may have been compromised, allowing hackers to
use your computer as part of a botnet
to spread spam and launch distributed denial of service (DDOS) attacks.
I. Half a Million Macs Infected
by security firm Dr Web claims to have discovered at least 600,000 Macs to be infected by "Flashback" the latest in a growing deluge of Mac malware [
The new malware first takes root by masqerading as a Flash player update, which many users haplessly approve. It then does various devious and dastardly deeds, depending on the variant.
Early versions disabled XProtect,
Apple's pseudo-secret antivirus program
, which it quietly slipped in version 10.6.7. The crippling of the protector program was a multi-step sophisticated process where the trojan first decrypted a file attached to the program, then decrypted the path of the updater binary, and finally stopped the updater daemon and overrwrote key files.
The latest version v39, has even more dangerous capabilities:
The exploit then reportedly downloads other malicious programs to control the computer, conscripting it into the authors' botnet. Typically every program installed on the Mac requires user permission to install, a process similar to
the user account control (UAC) warnings
in Windows. However, after the Java exploit, users no longer receive such warnings about the malware installations.
II. Apple Moves Sluggishly to Fix Gaping Holes
In recent months Flashback has been exploiting three specific known Java vulnerabilties. Oracle Corp. (
) had fixed these vulnerabilities way back on Feb. 14, but Mac users did not have access to the free protection as Apple does not allow Oracle to directly update its machines.
Instead Mac users had to wait until 4/4/2012 -- this Wednesday -- to receive
for the last of the flaws. A second update was released yesterday,
security firm Intego. Given that there are commonly other flaws that are patched by Oracle, but not on Macs, these latest patches are likely only to slow -- not stop -- the malware.
In addition, Apple does not automatically install such critical updates on users machines. Rather it prompts them that the update is available in OS X, then allows them to install the update at their own convenience. As a result, many users may never patch the flaws or go weeks unprotected. This contrasts with Microsoft who forces users to endure the
occasional nightly reboot
in the name of security.
Apple has long practiced a negligent approach when it comes to security. Where Microsoft rewards developers who point out potential security flaws,
Apple bans them
III. Macs -- Not That Safe Anymore
Apple users, like Linux users, long trumpeted their platform's "superior security". Even Apple joined in this fun,
attacking veteran operating system maker Microsoft
). While there was some truth in these claims, it was largely due to Apple's miniscule market share -- malicious hacking tends to be profit-motivated and spending a whole lot of work to infect a small portion of a few million machines seemed a lot less attractive than being able to infect hundreds of millions of machines with Windows-geared exploits.
But Apple has
risen in market share
, shipping 16.8m Macs in its fiscal 2011 (which ended in calendar Q3 2011). Now it's learning the pain Microsoft felt for years.
Many Apple users blindly believe their favorite company will protect them sufficiently. In reality Apple does less than Microsoft to protect its users. [Image Source: Eater]
Apple's reaction has been slow at best. Apple still insists on redistributing third parties security updates, but
does so at a leisurely pace
, endangering its users. At the same time, the company was revealed to have been instructing its technicians to
lie to users
and not tell them if their systems are infected.
Timur Tsoriev, an analyst at Kaspersky Lab
, "People used to say that Apple computers, unlike Windows PCs, can't ever be infected - but it's a myth."
Unfortunately many Mac users don't realize that, faithfully believing that Apple is delivering them superior protection. Sadly their faith is misplaced.
This article is over a month old, voting and posting comments is disabled
RE: It is superior
4/6/2012 5:47:50 PM
I didn't interpret your post as an insult. I just interpeted it as very dated.
As further example just now you mention granularity of user level permissions. I think what you are saying is true for NT 4.0 in the mid 90s.
In general I find peoples views of microsoft as a whole to be very stuck in the past.
RE: It is superior
4/6/2012 8:43:12 PM
It's still true today. Again, I'm just saying the Unix implementation is still superior. I'm NOT saying that Windows is unworkable or anything (it's pretty obvious by usage numbers alone that it IS workable), and I'm definitely not saying that Windows hasn't changed since NT 4.0 (?). The server versions of Windows, especially, have been getting more Unix-like with each release over the past 10 years or so. PS is a great example of this trend. I'd consider it over-complicated for what it needs to do, but it's certainly a huge improvement over previous shell environments for Windows.
If it helps, I 'm coming at this from more a server admin perspective, and I would say that for normal desktop usage the differences would be less significant...
RE: It is superior
4/9/2012 5:15:58 PM
You've done nothing but provide well informed posts that are well backed up and people still downvote you. The DT hivemind is ridiculously ignorant.
RE: It is superior
4/10/2012 11:48:37 AM
Linux users, long trumpeted their platform's "superior security".
The platform does have a superior security model* (vs. Windows). Superior and perfect, however, are quite different. Linux users were propagating the belief that their computers were bulletproof, and that's a really bad thing to believe about ANY connected system. *Implementation obviously plays a big part in this. A properly configured Windows machine WILL be more secure than a poorly configured Linux based machine.
FTFY. Now watch me get uprated to a 5 as opposed to your -1's because I didn't mention any round fruit. And I, like you, detest tech companies named after fruit.
"I modded down, down, down, and the flames went higher." -- Sven Olsen
Wrath of the Titans: Microsoft, U.S. Feds Slay Godly "Zeus" Botnets
March 26, 2012, 3:21 PM
Windows 8 Looks to Ditch the "Zombie" Security Restarts of Windows 7
November 15, 2011, 4:38 PM
Developer Demonstrates Serious Security Breach in iOS, Apple Bans His Account
November 8, 2011, 9:06 AM
"Devil Robber" Trojan Infects Macs, Leeches Their GPUs for Bitcoin Profit
November 1, 2011, 10:59 AM
Analysts: Apple Now Has More Than 10 Percent of the U.S. PC Market
July 14, 2011, 1:52 PM
China Mobile Looks to Cut Costs by Reducing Subsidies, Will Push Cheap 4G Phones
September 16, 2014, 11:24 AM
Quick Note: NVIDIA Offers Up 32GB, LTE-equipped SHIELD Tablet for Pre-order
September 16, 2014, 10:22 AM
PayPal Takes Potshot at Apple Pay, Mentioning iCloud Breach in New Ad
September 16, 2014, 7:24 AM
Quick Note: New "Windows" Branding for Microsoft's Smartphones is Leaked
September 15, 2014, 2:00 PM
Sony Abandons Android Upgrade Support for Year Old Xperia and 3 Others
September 15, 2014, 11:07 AM
Apple Racked Up 4 Million iPhone 6, iPhone 6 Plus Pre-orders Within 24 Hours
September 15, 2014, 9:54 AM
Most Popular Articles
Dell Announces "World's Thinnest" Tablet: The Venue 8 7000 Series
September 11, 2014, 8:51 AM
Apple Announces Its Smartwatch: The $349 Apple Watch
September 9, 2014, 2:09 PM
Quick Note: Buy an Xbox One Sept 7-13, Get a Free Game
September 4, 2014, 10:42 AM
Quick Note: Microsoft to Ditch Windows Phone, Nokia Branding
September 10, 2014, 2:14 PM
Apple Announces 4.7" iPhone 6, 5.5" iPhone 6 Plus
September 9, 2014, 1:45 PM
Latest Blog Posts
Space Terrorism is a Looming Threat For the United States
Apr 23, 2014, 7:47 PM
Facebook Aims to Provide Internet to "Every Person in the World" with Drones, Satellites
Apr 1, 2014, 10:20 AM
Retail Mobile Sites Experience Outages in Light of Simplexity's Bankruptcy
Mar 14, 2014, 8:48 AM
Tesla vs. BMW: Who Has the Safer EV?
Feb 1, 2014, 2:56 PM
Justice Leaks Details of Next HTC One Two Flagship Phone
Dec 5, 2013, 4:04 PM
More Blog Posts
Copyright 2014 DailyTech LLC. -
Terms, Conditions & Privacy Information