Flashback Malware-infected Macs, Down to 30K

Image via Apple Insider

After Symantec’s report that around 140,000 Macs are still affected with the Flashback malware, researchers from Kaspersky Lab revealed last Thursday morning that it is now down to 30,000. It should be recalled that Apple released a Java update last April 12 to limit the Trojan’s presence to infected machines. It was followed by a Flashback Malware Removal Tool for Mac that doesn’t have a Java installed.

Flashback Malware on Macs

The Flashback Malware was discovered last September 2011 by a security firm, Intego. It came from malicious websites, and tricks users to download a phony Flash Player. Once downloaded, it will remove the installer package and deactivate some network security software. The Trojan will inject itself to certain applications and will connect to remote servers to send specific information about the machine.

Although it took long for Apple to distribute a fix, the Flashbook Malware Removal Tool is now available for download at the company’s customer support. Designed for Mac OS X Lion that don’t have Java installed, this will scan the computer and erase any known iterations of the Trojan.

This is Just the Beginning

Despite the available fix, Kaspersky believe that the Flashbook Malware could be just the beginning. They pointed out that more hackers will continue to target the Mac, as Apple has acquired significant market share and continues to outgrow the rest of the PC market.

“Market share brings attacker motivation. Expect more drive-by downloads, more Mac OS X mass malware. Expect cross-platform exploit kits with Mac-specific exploits.”

In fact, another Mac Trojan was discovered earlier this week. Dubbed as “LuckyCat,” the malware takes advantage of a hole in Microsoft Word to spread. According to Kaspersky Lab expert Costin Raiu, it uses a Java exploit to infect targeted machine. It will then spread through Microsoft Word documents, and it will take advantage of the vulnerability known as “CVE-2009-0563.”

Undetected for more than a month, the malware takes over the infected machine and manually extracts some document from it. Raiu was pretty confident that the attack was done manually, which means that a real attacker infects a Mac and then manually analyzes and steals computer data.


Because of this multiple malware attacks, security on Mac devices has been in the spotlight for the past few days. It is more alarming since Apple took a couple of months before releasing a software update for its Flashbook malware and the LuckyCat remained undetected for over a month. Hence, it is advised that Mac owners should be wary on where they download their software.

Leave a Comment