backtop


Print 67 comment(s) - last by Fritzr.. on Apr 18 at 2:51 AM


  (Source: Mashuga Mom)
Flashback botnet is no fun for the infected

Apple has finally owned up to the fact that many of its users' machines have been afflicted by crippling malware.  And it promises that it's working on a fix.  But experts wonder if the company is simply acting in a reactionary fashion or is ready to finally get serious about protecting its users.

I. Trojans are Increasingly a Problem for Mac Users 

In the 1990s, hackers enjoyed a virtual wild west of unpatched exploitable software.  But as the new decade rolled around companies like Microsoft Corp. (MSFT) stepped up their security.  As a result it's become harder for malware to install on Windows computers without some sort of user action.  Hackers have circumvented this by creating programs that trick the user into approving the installation via exploiting trust (hijacked sites, systems) or user ignorance (clicking spam email links).  The approach has become tremendously successful and today Trojan-type malware are responsible for a large percentage of the Windows botnets.

Apple, Inc. (AAPL) long avoided such woes, thanks to its small market share and specialized OS code, which precluded stock PC malware from running on a Mac.  But the company's base security model is in theory no more secure, and -- perhaps driven by rising market share -- of late the company has grappled with serious trojan issues.

Trojan horse
Macs are increasingly the target of Trojans.  Malware writers love Apple's
sluggish pace of patching. [Image Source: Venitism]

The latest fire facing the Mac community is "Flashback", also knows as "Flashfake".  This Trojan has evolved over multiple variants to its current form, which masquerades as an install Java applet on hijacked websites.  Customers who approve it unwittingly run a piece of code that exploits a flaw in Oracle Corp.'s (ORCL) Java platform in order to remove OS X's limited anti-malware capabilities and install back-door control programs.

The affected machines are turned into bots, which the attackers can use to spew spam or commit other foul acts.  Kaspersky Labs' Igor Soumenkov told Reuters in an interview that at its peak, Flashback had infected 600,000 machines, including roughly 300,000 in the U.S.  Approximately 98 percent of those machines were Macs.

II. Is Apple to Blame?

Apple has been under heavy fire from the security community.  First, it was the company's lackadaisical approach to patching that gave Flashback the opportunity to take hold.  

The majority of infections occurred after Oracle had already patched the Java vulnerability.  The code would thus have failed under most Windows machines.  However, Apple insists on redistributing all third-party updates via its own repackaging scheme.  And under this system it often delivers updates at a sluggish rate, often months behind their release to the more open, more used Windows platform.  As a result it's often far behind on security patches of third-party platforms -- something malicious hackers are increasingly realizes means open season on Macs.

Michelle Rodriguez on Mac at Starbucks
Over 600,000 Mac users were infected, thanks to Apple's sluggish patching.
[Image Source: Macenstein]

Apple is quick to respond by attacking third-party platforms like Adobe Systems Inc.'s (ADBE) Flash, which it no longer installs on Macs, in part for being too "insecure".  

At the same time Apple practices a policy of blatant hostility towards security professionals who are trying to help it.

But a promising sign is that Apple, after delivering patches to close the Java flaws exploited by Flashback, has released a Knowledge Base post warning users that Macs are indeed afflicted by this piece of malware.

This is one of the first times the company has officially acknowledged malware issues.  A previous Trojan -- MacDefender --was estimated to have infected as many as one in twenty Macs at its peak.  While Apple quietly battled it with patches and tools, the company instructed technicians in a leaked memo to lie to customers and not inform them of infections.

III. OS X is at a Crossroads in Terms of Security

The new issues put the company's image in an awkward position, given that Apple has long promoted OS X as a platform that is largely immune to the kinds of malware that have long afflicted Windows machines.  Of course some OS X users are savvy enough to realize the reality -- no platform, certainly no consumer platform, is ever fully secure.  However, many less tech-savvy Mac users do truly believe that their machines are immune to malware.  The disillusionment when they learn the truth may be a blow to Apple.

The company is preparing a tool that will detect and remove various known variants of Flashback.  In the meantime its patching seems to be working -- infections have dropped to 270,000 machines, according to Symantec Corp. (SYMC).

While it's clear that Flashback will be beaten back by the Cupertino company, the compelling question is whether Apple's unusual public admission to having malware is a prelude to adopting a more proactive approach: patching faster, or possibly even allowing third party patches.  For now, customers can only judge the company's security stance by its track record -- a track record that speaks to a generally negligent sluggish pace of prevention interspersed with reactionary spurts of action.

Crossroads
Apple is at a crossroads as to whether to decide to become more responsible about security, or allow its customers to be abused. [Image Source: Letters to Jen]

Today hackers appear to be finding Macs the easiest platform to hack.  Apple computers were hacked the quickest at recent "hack-to-own" style competitions.

With Microsoft adopting a more proactive approach and with hackers increasingly attracted to Apple's affluent customer base, if Apple sticks to its reactionary approach, customers may soon find their Macs going from being the most secure platform, to being the least secure.  OS X is at a critical crossroads -- the next move is Apple's to make.

Sources: Apple, Reuters



Comments     Threshold


This article is over a month old, voting and posting comments is disabled

Buddy
By StormyKnight on 4/13/2012 1:13:14 AM , Rating: 2
Friend of mine at work is a total Apple fan. Macs, iPads, and iPhones. He keeps lauding how that nobody writes viruses or malware for Macs and keeps trying to get me to buy one. He says that the price differential between Macs and PCs is because Apple only uses the highest quality hardware in their computers. Even after I price out the components of a Mac and show him I can build the exact same computer sans OS, I come out between 18%-20% less expen$ive. He won't have it. I tell him the Apple logo on the box is the only reason you're overpaying. I told him I'd consider an Apple if I get to choose the components inside the box, in other words if I can build it myself. He just doesn't get it I guess from the bewildered look on his face...




RE: Buddy
By ritualm on 4/14/2012 1:42:46 PM , Rating: 2
Keep in mind that

1) Apple doesn't play the low-end, you never see any new Mac laptop under $999 these days.

2) Ignoring the iPhone, it costs you just as much to get the same specs with a non-Apple build. And they end up looking ugly and fat e.g. every Clevo notebook. Or hideously expensive e.g. Sony Vaio Z2.

3) Windows Ultimate is the only Windows consumer/client OS with all features enabled, and it costs as much as a decent desktop GPU card - when bundled with a PC. There is only one version of a major Mac OS release. Don't get me started on the Server editions.

Lastly, consumer perception. Why sell something close to what your competition prices their stuff at, when you can simply tack on a few benjamins?

Many people perceive Apple as a purveyor of high quality products, actual quality notwithstanding . Consequently Apple can price their stuff higher than normal and people will buy them.

Ever seen Dell do the same? It tried with the Adamo. It flopped big time. Because Dell was never seen as high quality. Big perception difference. One or two products alone catering to the luxury segment does not automatically change how people perceive your products.

And you wonder why businesses keep buying ThinkPads over Acer/ASUS/Toshiba when it's not IBM in the driver's seat anymore.

The closest a non-Apple competitor could get as far as branding goes is Acer's Ferrari edition notebooks. Priced like Apple, all because of the Ferrari logo and branding. Unlike Apple, however, they SUCK.

Good luck trying to convince your work buddy to defect from Apple. You'll keep failing. It's like political change, you can't change their opinions without them going through all the trouble on their own.

Meanwhile, I've already planned my next major computer hardware replacement as a Mac from a PC. At least mine won't have an universally-panned Clevo keyboard and a literal consumer-level UPS battery runtime off the wall.


"There's no chance that the iPhone is going to get any significant market share. No chance." -- Microsoft CEO Steve Ballmer














botimage
Copyright 2014 DailyTech LLC. - RSS Feed | Advertise | About Us | Ethics | FAQ | Terms, Conditions & Privacy Information | Kristopher Kubicki