Though Windows users have become accustomed to regular malicious attacks, Apple’s Macintosh users have remained largely untouched. There are a number of reasons for this; ranging from the inherent security of Mac, Linux, and Unix computers to the fact that until the last few years Apple presented a relatively small target to hackers. Regardless of the reasons Mac users have enjoyed a mostly virus-free existence, the events of the last few months have shown us that things are changing.
Several malicious programs have infected Mac computers in recent months. First was the Flashback trojan, called Flashback.K. It was quickly followed by SabPub, and Flashback.S. Apple has released security updates to address these issues. If you have not installed your Mac security updates, it is highly recommended that you do so quickly. There are links to Apple’s descriptions below, but you should be able to simply use the system update to take care of things.
This trojan infected computers through a Java vulnerability. Oracle issued a patch, which Windows users received in February. This trojan was particularly challenging, as it was written in a custom programming language. Over 650,000 Mac users were infected. To see if your Mac is infected, you can follow the instructions provided by F-Secure. Apple has since provided a patch and a security update, which may make this fix obsolete.
Apple’s support page provides a link for OSX Lion users that don’t use Java here. Users of OSX Lion 2012 – 003 can find the Java patch here. Users of OSX 10.6 Update 8 can get the Java patch here.
Flashback.K altered the way users viewed the web, and exploited Google Ads to generate revenue. It created a means of artificially clicking on ads. It does this by altering search results pages on a user’s browser. You can read more about Flashback.K here.
Shortly after the Flashback.K patch, a new Mac virus hit the press. This one used a Microsoft Office vulnerability. This vulnerability also included Java. There have been a few variants of this trojan as well. You can read more about the SabPub trojan here.
Flashback made another pass at the end of April with a variant named Flashback.S. It, like its predecessor, used a Java exploit. There are several other variants of this trojan out there, largely targeting the un-patched Mac computers. As with Flashback.K, this does not need an administrative password to install. You can read more about Flashback.S here.
Though these infections spread quickly, there is no need to panic. By being careful during web browsing and paying attention to program installation requests you can keep yourself relatively safe. Apple provides a page with useful tips on keeping your computing experience virus and malware-free. Check out their security tips here. In general, only follow links to trusted sites, don’t install unknown programs, and make sure you keep your security updates current.