More than 600,000 Macs infected with Flashback botnet


14 replies to this topic

#1 Animal


Posted 05 April 2012 - 01:47 PM

"Russian antivirus company says half the computers infected with malware designed to steal personal information are in the U.S. -- with 274 located in Cupertino."

More than half a million Macs are infected with the Flashback Trojan, a malware package designed to steal personal information, according to a Russian antivirus company.

The company -- Dr. Web -- originally reported today that 550,000 Macintosh computers were infected by the growing Mac botnet. But later in the day, Dr. Web malware analyst Sorokin Ivan announced on Twitter that the number of Macs infected with Flashback had increased to 600,000, with 274 of those based in Cupertino, Calif.


Quote from CNET News article by Steven Musil.

Following the linked article will also provide you a link for a patch. The article has been updated to provide that patch.

The Internet is so big, so powerful and pointless that for some people it is a complete substitute for life.
Andrew Brown




A learning experience is one of those things that say, "You know that thing you just did? Don't do that." — Douglas Adams.


"Imagination is more important than knowledge. Knowledge is limited. Imagination circles the world." — Albert Einstein (1879-1955)



#2 jgweed


Posted 06 April 2012 - 06:55 AM

As Macs become more popular, it is only natural that they will be subject to malware attacks. At the same time, I think that Mac users have often felt their system was immune to malware, and thus perhaps were not as careful and as security-conscious as those of us with Windows have learned to be.
Whereof one cannot speak, thereof one should be silent.

#3 computerxpds


Posted 06 April 2012 - 01:03 PM

+1 to jg, I have worked with Macs for quite a while.. I and most of the security-minded Mac users have been saying for years that eventually this "safe haven" that the Mac possessed was going to be broken and something large scale was going to happen such as this. Think of it from a person looking to steal a bunch of money from a bank, they have a plan, which involves vulnerabilities (i.e. the Mac OS). The only reason these malware writers hadn't gone as far as this before is because it wouldn't have been worth their time but also.. it would have closed a vulnerability that they knew about, I can almost guarantee that malicious writers know about fifty or so "holes" in OS X that have been around for years, they just haven't used them yet because they are saving them for.. well they were saving them for a time when Apples became more widely used, recently I read a story that said that Macs are now in 50 percent of American homes. There you have it, the perfect time for them to use those vulnerabilities. Whoever said OS X was impenetrable? Now let's all slowly walk away and go use a Linux distro. :)

Happy Computing,
Please DO NOT PM me for personal help or advice, that is what our forums are for.
If I have replied to a topic and you reply and I haven't gotten back to you within 48 hours (2 days) then send me a P.M.
Some important links: BC Forum Rules | BC Welcome Guide | Misplaced Malware Logs


#4 boopme


Posted 06 April 2012 - 07:04 PM

Is nothing sacred...

F-Secure technical article..
http://www.f-secure.com/weblog/archives/00002336.html

On Monday, I provided steps on how to avoid your Mac being compromised by the Flashback trojan. Today I will provide information on how to locate a Flashback infection.

To better understand the steps below, it is better to also know a bit about Flashback. It's an OS X malware family that modifies the content displayed by web browsers. To achieve this, it interposes functions used by the Mac's browsers. The hijacked functions vary between variants but generally include CFReadStreamRead and CFWriteStreamWrite:


How do I get help? Who is helping me?
Staying Updated Calendar of Updates.
For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....
Become a BleepingComputer fan: Facebook Have you seen..Select Real Security

#5 Broni


Posted 06 April 2012 - 07:32 PM

I wonder how they actually count/estimate number of infected computers....





#6 chromebuster


Posted 07 April 2012 - 12:24 AM

Yeah, see? This is exactly what I mean. People I know who own Macs just look at me weird when I tell them that they are becoming just as at risk as we who use Windows are. It's like they don't believe me, but if they read this post, then they would.
Raeder24. We're for community, accessibility for the blind, and technology support. Founded in 2008. join our community at raeder24.org

#7 jntkwx


Posted 07 April 2012 - 09:56 AM

Apple Issues Second Java Update to Patch Vulnerability Exploited by Flashback Malware: http://www.intego.com/mac-security-blog/apple-issues-second-java-update-to-patch-vulnerability-exploited-by-flashback-malware/

#8 buddy215


Posted 07 April 2012 - 11:15 AM

Read another article this morning that I agree with. It pointed out that most never use Java. As the writer pointed out he only has seen recently some crossword puzzles and one bank service that could easily be worked around.

I suggest users, regardless of platform, disable Java in their browsers. It can easily be re-enabled if needed. I think most will find they just don't need it.

From the web: To disable Java in Apple's Safari, go to the Safari menu, select "Preferences…" and click that window's Security heading, then click to clear the checkbox next to "Enable Java." To do the same in Mozilla Firefox, go to its Tools menu, select "Add-ons," click "Plugins" and click the "Disable" button to the right of the Java plug-in entry. In Google Chrome, click the wrench-icon menu, select "Under the Hood," and click the "Disable individual plug-ins" link.

This is the article: Secure your Mac from Flashback infection – USATODAY.com

If the man doesn't believe as we do, we say he is a crank, and that settles it. I mean, it does nowadays, because now we can't burn him.
-- Mark Twain, Following the Equator

Between believing a thing and thinking you know is only a small step and quickly taken.
-- Mark Twain, 3,000 Years Among the Microbes


#9 buddy215


Posted 07 April 2012 - 02:02 PM

I wonder how they actually count/estimate number of infected computers....


In this case Dr. Web says they "hijacked" this particular botnet. They have a list of all IP addresses of the botnet.

QUOTE: Dr Web said that once the Trojan was installed it sent a message to the intruder's control server with a unique ID to identify the infected machine. "By introducing the code criminals are potentially able to control the machine," the firm's chief executive Boris Sharov told the BBC.

"We stress the word potential as we have never seen any malicious activity since we hijacked the botnet to take it out of criminals' hands. However, we know people create viruses to get money.


If the man doesn't believe as we do, we say he is a crank, and that settles it. I mean, it does nowadays, because now we can't burn him.
-- Mark Twain, Following the Equator

Between believing a thing and thinking you know is only a small step and quickly taken.
-- Mark Twain, 3,000 Years Among the Microbes
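
As an added illustration (not part of the thread, and not Dr. Web's code): a sinkhole operator who receives the per-machine unique ID described in the post above can count distinct IDs rather than distinct IP addresses, which avoids undercounting machines behind NAT and overcounting machines that change address. The log format and every sample value below are constructed assumptions.

```python
from collections import defaultdict
from datetime import datetime

# Constructed sample of sinkhole check-ins: ISO timestamp, source IP, bot ID.
# The format and all values are made up for illustration (documentation IP ranges).
SAMPLE_LOG = """\
2012-04-04T09:00:11Z 192.0.2.10 5F3C1A9E-0000-4000-8000-000000000001
2012-04-04T09:00:15Z 192.0.2.10 5F3C1A9E-0000-4000-8000-000000000002
2012-04-04T09:02:40Z 198.51.100.7 5F3C1A9E-0000-4000-8000-000000000003
2012-04-04T21:30:02Z 198.51.100.93 5f3c1a9e-0000-4000-8000-000000000003
2012-04-05T08:14:55Z 203.0.113.20 5F3C1A9E-0000-4000-8000-000000000003
2012-04-05T08:15:00Z 203.0.113.44 5F3C1A9E-0000-4000-8000-000000000004
malformed line without three fields
2012-04-05T10:00:00Z 192.0.2.10 5F3C1A9E-0000-4000-8000-000000000001
"""

def parse_checkins(text):
    """Yield (timestamp, ip, bot_id) tuples, skipping lines that do not parse."""
    for line in text.splitlines():
        parts = line.split()
        if len(parts) != 3:
            continue
        ts, ip, bot_id = parts
        try:
            when = datetime.strptime(ts, "%Y-%m-%dT%H:%M:%SZ")
        except ValueError:
            continue
        yield when, ip, bot_id.upper()  # IDs are compared case-insensitively

def summarize(text):
    """Compare the estimate from unique IDs with the one from unique IPs."""
    ips_by_id = defaultdict(set)
    ids_by_ip = defaultdict(set)
    for _, ip, bot_id in parse_checkins(text):
        ips_by_id[bot_id].add(ip)
        ids_by_ip[ip].add(bot_id)
    return {
        "unique_ids": len(ips_by_id),
        "unique_ips": len(ids_by_ip),
        # one machine seen from several addresses (DHCP churn, roaming laptop)
        "roaming_ids": sorted(i for i, s in ips_by_id.items() if len(s) > 1),
        # several machines behind one address (NAT at a home or office)
        "shared_ips": sorted(ip for ip, s in ids_by_ip.items() if len(s) > 1),
    }

if __name__ == "__main__":
    for key, value in summarize(SAMPLE_LOG).items():
        print(key, value)
```
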


#10 black_icon


Posted 07 April 2012 - 05:13 PM

As a Mac user, it's time for me to be careful when downloading and doing something in the net, ayt? I'm sure Mac Support will always have malware warrior that will fight any malware destruction.
He who knows not and knows not that he knows not is FOOL but he who knows not and knows that he knows not is WISE

#11 rotor123


Posted 09 April 2012 - 12:43 PM

+1 to jg, I have worked with Macs for quite a while.. I and most of the security-minded Mac users have been saying for years that eventually this "safe haven" that the Mac possessed was going to be broken and something large scale was going to happen such as this. Think of it from a person looking to steal a bunch of money from a bank, they have a plan, which involves vulnerabilities (i.e. the Mac OS). The only reason these malware writers hadn't gone as far as this before is because it wouldn't have been worth their time but also.. it would have closed a vulnerability that they knew about, I can almost guarantee that malicious writers know about fifty or so "holes" in OS X that have been around for years, they just haven't used them yet because they are saving them for.. well they were saving them for a time when Apples became more widely used, recently I read a story that said that Macs are now in 50 percent of American homes. There you have it, the perfect time for them to use those vulnerabilities. Whoever said OS X was impenetrable? Now let's all slowly walk away and go use a Linux distro. :)


I've also been waiting for Apple computer penetration to be high enough to become a viable Malware target.
The bigger problem for Macs is that the users feel like they can't catch anything and don't worry about it. When the bad guys get into their checking account, credit card account and steal their identity after downloading their Income tax records.

And due to the cost of their systems they make a higher income target....

I'll bet the story got it wrong that Macs are in 50% of US homes. And what they really meant was that 50% of US homes have an Apple product. Count iPads, iPhones, iPods & Apple TV maybe so.

My next Upgrade, USB 3 on my remaining desktop. The only External storage devices I currently Buy are USB3 devices
How Does a computer get Infected? http://www.bleepingcomputer.com/forums/t/2520/how-did-i-get-infected/
My first Computer had a Whopping 16K of memory @ 0.89MHz. My first hard drive held 20 Megabytes and never filled up.
My Oldest Motherboard and Hard Drive are a 80286 @ 8Mhz and a Seagate 20 Megabyte MFM drive.  
Forum Rules, The BC Welcome Guide


#12 buddy215


Posted 10 April 2012 - 03:07 PM

Kaspersky Launches Free Flashback Removal Tool and Website to Check for Infections | PCWorld

........In order to make it easier for average users to check whether their computers are infected, Kaspersky Lab launched a website on Monday where people can input their systems' unique hardware identifiers (UUIDs) to see if they are among the almost 700,000 Macs known to be infected with Flashback so far.

Kaspersky also released a stand-alone removal tool for the Flashback malware, which Mac owners can download and use for free. However, it's probably a good idea to install a full-featured antivirus program after running this tool in order to prevent future infections............




#13 rotor123


Posted 11 April 2012 - 09:20 AM

As a Mac user, it's time for me to be careful when downloading and doing something in the net, ayt? I'm sure Mac Support will always have malware warrior that will fight any malware destruction.



I hope you were being sarcastic with your message?



#14 black_icon


Posted 11 April 2012 - 08:51 PM

What I was trying to say was: will downloading something from the internet lead my Mac to be infected with this Flashback, or will this malware directly or automatically inject itself into the system and harm it?

#15 rotor123


Posted 12 April 2012 - 09:12 AM

Oh, OK

From here
Sophos Anti-Virus for Mac Home Edition
Free antivirus that works simply and beautifully
" Mac with Intel or PowerPC processor
256 MB of memory
150 MB of available disk space
Mac with OS X 10.4 (Tiger), 10.5 (Leopard), 10.6 (Snow Leopard) or 10.7 (Lion)
Supports all Apple Mac hardware including iMac, MacBook, MacBook Pro and the new MacBook Air
"

http://www.sophos.com/en-us/products/free-tools/sophos-antivirus-for-mac-home-edition.aspx
or here
http://download.cnet.com/Sophos-Anti-Virus-for-Mac-Home-Edition/3000-2239_4-75328306.html

I believe as long as you don't have Java installed or have installed the latest Java update from Apple you are probably safe as I understand it. It is a Drive By installer and you don't even realize it.

So I'd install the Antivirus and run a full scan just to be sure.

Good Luck
Roger





