Full Disclosure: I used to be one of those Mac users who wasn’t too concerned with malicious links and suspicious emails because, hey, I use a Mac and Macs aren’t that susceptible to malware. … Oh how I miss those days.
Mac malware is on the rise, with an estimated 600,000 computers affected but the Flashback Trojan at the moment and another exploit taking advantage of a security flaw in outdated Microsoft Office for Mac files. Here’s some information on the Flashback Trojan’s effects, from PCMag:
The Java flaw exploited by the so-called Flashback Trojan dates back to February, but Apple did not release a patch until April 3. As a result, approximately 550,000 Macs were infected, according to data released this week from anti-virus vendor Doctor Web.
Doctor Web today provided a few more details about the proliferation of the Flashback Trojan. Almost 350,000 of the affected devices were in the U.S., with about 125,000 in Canada, and 75,000 in Great Britain.
In the U.S., Manhattan-based Macs saw the largest number of traceable infections at about 5,000, followed by Brooklyn, Los Angeles, and Chicago. But the whereabouts of almost 18,000 affected Macs was unknown, Doctor Web said.
In Canada, Toronto was hardest hit (14,000), while Londoners were most-impacted in the U.K. (almost 20,000). For more details, see the map below.
As PCMag’s Security Watch noted yesterday, Mac users did not have to download or even interact with the malware to become infected. Websites exploited a Java flaw that let Flashback.K download itself onto Macs without warning. It then asked users to supply an administrative password, but even without that password, the malware was already installed.
And this is how the Microsoft Office exploit works (from PCWorld):