April 12, 2012

Flashback Mac malware

Patrik Runald

We in Websense® Security Labs™ have been following the developments of the Flashback trojan for Mac that has infected over 600,000 Apple computers worldwide. The number of infected computers seems to be dropping steadily now and will continue to do so as Apple yesterday released a removal tool as part of their Software Update:

We recommend that all Apple users install this software update as soon as possible.

Flashback itself has been around since last year, but the number of infections really increased after it was used in drive-by download attacks using CVE-2012-0507, a vulnerability in Java. This marks the first time that Mac users are under the same threat that Windows users have been for years; it's enough to visit a website to get compromised.

Websense customers are protected against all known variants of the Flashback trojan, and we also have real-time coverage in place for the traffic between the malware and the command and control servers. And that's the benefit of having a gateway product that can inspect content in real time: Data is data, regardless of what the endpoint is (Windows, OS X, iOS, Android, etc.).

About Forcepoint

Forcepoint is the leading user and data protection cybersecurity company, entrusted to safeguard organizations while driving digital transformation and growth. Our solutions adapt in real-time to how people interact with data, providing secure access while enabling employees to create value.