Have you had problems with the Flashback trojan on Macs?

SilverHawk

We only have a few people that bring their own Macs to my office, and as far as I know, it hasn't been a problem for any of them. Then again, they are all pretty much convinced that "Macs don't get viruses."  I'm not a Mac user personally, and we don't really support their use, but employees can use their personal Macs to access our WiFi. What are the risks posed by the Flashback trojan, and what are you doing to make sure that your network is safe?

Topic: Security
Answer this Question

Answers

2 total
jimlynch
Vote Up (21)

I haven't had any problems with it. I installed Apple's Java update, but I also disabled Java in Safari.

Here's how you can do it too:

http://www.itworld.com/security/266254/turn-java-safari

Here's some background on how you can diagnose and remove the trojan:

http://www.geek.com/articles/apple/check-if-your-mac-has-the-flashback-t...

dthomas
Vote Up (18)

 

I would certainly install the latest Java update immediately, if you haven't already.  It's easy to get complacent.  This must be excruciating for my, "Macs don't get viruses!" buddy.  They only make up something like 10-15% of the market, so it stands to reason that they would be less likely to be targeted by malware.  But "less likely" doesn't equal never.

 

Here is an article about checking to see if a Mac is infected.  There are a couple of links to free checkers if you need it.  http://9to5mac.com/2012/04/10/free-app-checks-for-the-flashback-trojan-infecting-600000-macs/#/vanilla/discussion/embed     

 

Ask a question

Join Now or Sign In to ask a question.
Virtual private network servers based on OpenVPN might be vulnerable to remote code execution attacks through Shellshock and other recent flaws that affect the Bash Unix shell.
Günther Oettinger, the European Union's proposed Commissioner for the Digital Economy and Society, gave a disappointing performance at his confirmation hearing, dodging questions and calling the victims of a recent data breach "dumb."
A malware program that targets Hong Kong activists using Apple devices has trademarks of being developed by a nation-state, possibly China, according to a security company.
Google has tripled its maximum reward for finding flaws in its software to US$15,000, a figure the company hopes will deter independent researchers from selling their information on shady markets.
The "Shellshock" flaw has the potential to pose a risk to the payments industry, but doesn't appear to have caused any problems yet, an official with a consortium run by major credit card companies warned on Tuesday.
The number of attempts by hackers to compromise computers through the Shellshock vulnerability is rising, but companies have options for defending against attackers.
The year since our previous Global Information Security Survey won't go down as one of the better years for information security. In fact, it may go down as one of the most grueling.
Small and medium-size U.S. companies should band together on cybersecurity systems as a way to pool limited resources against increasingly sophisticated attackers, the former director of the U.S. National Security Agency said Tuesday.
For the second time in as many weeks, a senior U.S. government official has warned that widespread use of encryption could harm investigations.
Four alleged members of an international computer hacking ring face charges in the U.S. of breaking into the computer networks of the U.S. Army and several tech companies and stealing several software packages, including programs used to train Army helicopter pilots.

White Papers & Webcasts

See more White Papers | Webcasts