Flashback Attack Part 1
by Gary Woods
This is the first of a four part article about the first serious attack to the Mac Operating system from a Virus called Flashback. There have been other attempts at trying to bring the vaunted Mac OS to its knees but really they were pretty wimpy. So, that said let's take a look at what Flashback is and what's happened to it.
The Flashback Trojan infected about 600,000 Macs so I thought it would be interesting first to see what it is, second to look at what the response from Apple and other vendors was and third, look at some things we can do to protect ourselves.
First, Flashback came knocking in September 2011 masquerading as an Adobe Flash installer. The original version of this devil had to be installed by the user. But, the new form of it is what's called a"drive-by download" which means all you have to do is visit an infected website and you're toast. This second variant rather than needing a user to install it uses an unpatched Java vulnerability to install itself just by the user going to an infected website. Once the virus is on your computer it pops open a Software Update window to try and obtain your administrative password, but it does this only to embed itself more deeply into your Mac.
After establishing itself on your computer, the virus inserts itself into Safari and appears to harvest information from your Web browsing activities including user names and passwords. It then sends this information to command and control servers on the Internet.
The purpose of this column isn't to be a fix all solution for Flashback but more to look at what Apple and others did about the problem and then offer some alternatives. But just briefly, to protect yourself, disable Java in Safari and other Web Browsers. Un-install Flash and use Google Chrome as your browser and if you don't need Java at all, disable it.
Next week we'll look at what Apple did in response to the Flashback Virus and how long it took to do it.
If you have any suggestions or questions for me please drop me a note at email@example.com or see my column on the Internet at http://www.santabarbaraproperties.com or call me at (805) 729-0910
Gary Woods is the Computer Trainer for the Santa Barbara Association of Realtors. And he is a Broker/Associate at Home Realty & Investments, Inc