The Russian company Dr Web has said in a report
that over 600,000 Apple computers have been infected by a Trojan virus called Flashback. According to PC Mag
the majority of the computers are in the USA.
Flashback malware exploits weaknesses in the Java programming language, and allows a malicious code to be installed from bogus sites without the user's permission. Once the Trojan is installed it sends a message to the intruder's control server with a unique ID to identify the infected machine.
The number of infected machines has created what is known as a "botnet". A botnet is a collection of compromised computers, each of which is known as a 'bot', connected to the Internet. When a computer is compromised by an attacker, there is often code within the malware that commands it to become part of a botnet.
The Trojan poses as an installer for Adobe’s Flash player, according to The Daily Telegraph
. If a Mac owner's Apple Safari browser is set to automatically open “safe” files, such as those ending in pkg, unknowing users could find their existing security software turned off and become infected.
According to The Daily Mail
, the Trojan only affects devices running Apple's Mac OS X operating system. The paper also notes that this partially exposes the myth held by many Mac owners that they are immune to viruses, whereas the reality is that few hackers write viruses aimed at Macs.
Apple have stated that they have issued a security update
, although this needs to be installed by Mac users and those who have not installed the patch remain vulnerable. This follows a failed attempt
by Java to issue a security fix.
Meanwhile, many Mac owners remain vulnerable unless they install the security fix.