NEWS - April 05, 2012

by Carol~ Moderator - 4/5/12 8:44 AM

"600,000+ Macs are in this botnet, including 274 in Cupertino"

For the second time in a year there appear to be widespread malware infections affecting users of Apple's OS X operating system.

In the first half of 2011 we began seeing variants of fake anti-virus applications for OS X, after many years of the problem plaguing Windows users. The tactic must have worked as we began to see more and more variants distributed up until June.

Around the time Mac fake anti-virus malware disappeared, a prominent Russian cybercriminal, Pavel Vrublevsky, was arrested and the problem appeared to be solved.

Unfortunately the Mac malware scene has made another advancement, and this time it doesn't rely on social engineering or human error.

As Graham wrote earlier this week, cybercriminals have begun to use drive-by exploitation techniques to infect OS X users, the same way they have targeted their Windows brethren previously.

At the time, the Java exploit in question (CVE-2012-0507) was not patched in the version of Java distributed by Apple. Yesterday Apple responded by patching the six-week-old flaw with an update to Java 6 update 31.

Continued: http://nakedsecurity.sophos.com/2012/04/05/mac-botnets-gaining-traction-using-drive-by-java-exploit/

Also:
Fast-growing Flashback Botnet Includes Over 600,000 Macs, Malware Experts Say
Flashback trojan reportedly controls half a million Macs and counting
Trojan infects more than half a million Macs
550,000-strong army of Mac zombies spreads across world

Related: Apple Releases Java Update; Includes Fix for Vulnerability Exploited by Flashback Malware