140,000 Macs Still Infected with Flashback Malware Despite Apple's Fix
Although Apple released a number of Java patches and an uninstaller tool, it is being estimated that roughly 140,000 Macs worldwide are still affected by the Flashback Trojan. According to Symantec
, the numbers are at a point much higher than forecasted by the security firm.
It was being predicted that the number of affected machines would have dropped by now given that Apple and third-party vendors released their respective Flashback-neutralizing programs last week. Apple even rolled out a removal tool for those Mac users who donít have Java installed and may therefore be harboring a dormant version of the malware. The statistics from Symantecís ďsinkholeĒ or spoofed command and control server are showing that Flashback has been removed from roughly 460,000 machines since April 9th but the company expected less than 99,000 would be carrying the Trojan by today.
For those of you who donít know, sinkholes are used by internet security and research firms to monitor and analyze the spread of malicious programs. There hasnít been any speculation as of right now as to why the remaining Macs havenít already disposed of Flashback since the self-installing program can easily be detected and deleted. It is possible that machine owners continue to remain unaware of the program and/or havenít performed a software update that would remove it.
Meanwhile, another threat
seems to have surfaced that uses a similar vulnerability as a means of distribution. The new threat called Backdoor.OSX.SabPub.a has also been seen being distributed in malicious Word documents, installing itself by exploiting a known record parsing buffer overflow vulnerability as well. As usual, try to be cautious as to what sites you are going to and what files you are opening as threats continue to surface and the OS X platform seems more and more vulnerable.