Flashback trojan hits OSX

Flashback is a new trojan virus that automatically infects Mac OS X when users visit certain websites. It is one of the first signs that hackers and creators of malware are starting to pay attention to the growing market share of Mac users. Most (myself included) don’t even bother getting an anti-virus program because infections on a Mac have historically been pretty rare. Vulnerabilities in OS X and especially Safari, however, have been around long enough for hackers to start to taking note of a new niche market with a user base relatively unaccustomed to the concept of malware.

That’s why it’s a good idea to understand how some of these malware programs actually work. It’ll help you to be more vigilant about protecting yourself, your data and your identity.

Most malware is designed to generate monetary profit for someone. Whether it’s some script kiddie in nigeria or a group of hackers, the objective behind most malware falls into one of these categories:

  • Data theft
  • Blackmail
  • Click Traffic
  • BotNET node

Stolen data most often leads to identity fraud and/or blackmail. Browser traffic re-direction generate clicks on websites that pay hackers. Some infected systems become BOTS (like controllable zombie computers) that hackers can use to send SPAM or perform DDOS (Distributed Denial of Service) attacks.

The best way to protect yourself from any of the above is to take a few precautions. Here are some computing activities to generally avoid (even on a Mac):

  1. Don’t blindly click links in emails, especially ones from a financial institution. Do your online banking by logging directly onto the bank’s secure website.
  2. Refrain from searching for dangerous terms (lyrics, free music, game cheats, ringtones…check out the entire list). Many of the results are likely pages that could infect your computer.
  3. Don’t download or search for pirated videos, games or software. Search results and downloaded files often contain malicious code.
  4. Steer clear of “free utilities” that will optimize or speed up your computer. If your computer has issues you can’t fix yourself, take it to a trusted professional.
  5. Try not to use free unencrypted wifi networks…especially for secure Internet transactions.
Conversely, here are some things you can do to lessen the chances of becoming a cyber victim.
  1. Change your passwords once in a while and don’t use one password for everything.
  2. Get an anti-virus program. It doesn’t need to be expensive, there are low and no cost options that will do the job.
  3. Install security updates when they become available. An up-to-date operating system is a one of the best ways to mitigate risk.

If you feel that your computer may have been infected or compromised, there’s a free check tool Liferhacker found here. The Flashback virus will not execute it’s payload if it finds any of the following programs installed on your Mac…so it’s a good idea to get one of these on your Mac either way:

Hope it helps.

No Responses So Far... Leave a Reply: