SAN FRANCISCO, April 11 - The cybersecurity
community raked Apple Inc over the coals on Wednesday,
saying the company had dragged its heels on eradicating malware
that experts say may have infected up to 600,000 Macintosh
computers and can be used to ferret out sensitive user
information.
The consumer electronics company said it was working on
finding and ridding "Flashback" malware that exploits a flaw in
Oracle Corp's Java software. Apple has issued patches
and is now developing software to detect and eliminate
Flashback, it said on its website. The company declined to
elaborate.
But Apple is catching heat for not having quickly addressed
the issue, even after Oracle distributed its own patch in
February.
Several security blogs accused Apple of not having been
forthcoming in the past about security issues, but gave the
company credit for stepping forward now.
"Someone in Apple has broken ranks following the recent
revelations of a Jolly Big OS X botnet," Paul Ducklin at
security specialist Sophos wrote. "Apple has -- apparently for
the very first time -- talked about a security problem before it
had all its threat response ducks in a row."
Trojans and other malware typically target Microsoft
Windows, long the dominant PC operating system.
Flashback stands out in that it represents one of the
largest-scale invasions of Apple computers, which are gaining
ground on Windows PCs.
Antivirus specialist Symantec Corp said the
malware surfaced last summer or early fall. It said the number
of infected computers, which hackers link into botnets to access
private information, had dropped to 270,000 as of this week.
FLASHBACKS
A "Trojan" is a software program that looks and acts like a
regular program but opens backdoors into a user's computer
systems.
The Flashback software, also known as "Flashfake",
advertises itself for download on infected websites as a Java
software add-on or applet, experts said.
According to Kaspersky Labs' Igor Soumenkov, more than half
of the over 600,000 initially infected computers, or bots,
originated from the United States, and he estimated more than 98
percent could be Macs.
The software can be used to modify Internet pages, for
example by adding a field asking users to type private
information such as bank account data, said Michael Sutton, VP
of Security Research at Zscaler ThreatLabZ.
Apple has issued patches and is now developing software to
detect and eliminate Flashback, it said on its website.
"While it's encouraging to see Apple taking steps to
eradicate the Flashfake Trojan, they're late to the party,"
Sutton said. "Unfortunately, Apple has a long history of putting
blinders on when it comes to dealing with security researchers."