Skip to main content

The Globe and Mail

Flashback the end of Mac users' blithe indifference to web viruses

In a Wednesday, March 7, 2012 file photo, Apple CEO Tim Cook announces a new iPad during an Apple announcement in San Francisco. A widespread virus called Flashback or Flashfake has hit hundreds of thousands of Apple computers worldwide — including an estimated 100,000 in Canada — and is widely considered to be just the first of many malicious attacks that will continue to ensnare Mac users.

Paul Sakuma/AP/Paul Sakuma

Mac users can no longer be indifferent about the risks of viruses and cyber attacks, warn computer security experts.

A widespread virus called Flashback or Flashfake has hit hundreds of thousands of Apple computers worldwide — including an estimated 100,000 in Canada — and is widely considered to be just the first of many malicious attacks that will continue to ensnare Mac users.

Virus creators have long been targeting the growing numbers of Mac users and the fact Flashback/Flashfake hit an estimated one per cent of all Macs worldwide makes the launch of this virus a "historic event," said Mikko Hypponen, chief research officer with security company F-Secure.

Story continues below advertisement

"Mac users can't just do like they've always done, which is to laugh at the Windows users who had to worry about viruses because they didn't. I think it's a wake-up call for Mac users," Mr. Hypponen said.

"Now we see the very same risks apply to Apple users as well. I think it's the first of many more to come, I think the happy days of virus-free Macs are behind us."

Word of the virus first broke out of Russia last week, with an estimated 600,000 computers affected worldwide. The first wave of infections were linked to a fraudulent pop-up prompt users received on websites to install a new version of Adobe Flash. Later, hackers identified a security hole in the Java platform that allowed users to get infected without clicking on anything at all.

"The pages that would infect you could be perfectly normal websites, sites that you visit all the time, except now they had been hacked," explained Hypponen. "But the hackers made no visible modifications, everything looked normal. But it loaded a Java (program) in the background and that (program) exploited the vulnerability."

Users infected by the virus could have their computers controlled and watched remotely by hackers and are vulnerable to having personal and banking information stolen.

The outbreak was fascinating for security watchers who have long warned about the potential for Mac infections, said Liam O Murchu, manager of security response operations for Symantec.

"We don't see a lot of threats on Mac but we do (now) see a gradual change where the attackers are starting to look at other horizons and other operating systems outside of Windows," he said.

Story continues below advertisement

"Really no matter what operating system you're using, you're not immune from these attackers."

While iPads and iPhones have not yet been well targeted, Google Android mobile devices have proven to be good targets for hackers, he added.

"With Android we're seeing an increase in the amount of attacks, definitely. We're seeing lots of apps that are cloned and have some malicious content added to them and then are replaced in some of the marketplaces, particularly in some of the non-official marketplaces. That's one area we're definitely seeing growing a lot."

Hackers may be seeking out new targets to find users who have their guards down and aren't as accustomed to worrying about viruses, said Tim Armstrong, malware researcher at Kaspersky.

"Mac users haven't been inundated with malware for the last 10 years (like Windows users) and maybe aren't quite as prepared to deal with a malware situation or recognize one," said Mr. Armstrong, noting that Mac anti-virus software is much less common than on PCs.

"We've had a Mac product for a number of years, as have some of our competitors, but it's just really a fact that Mac users have not taken as seriously the necessity of installing anti-virus software.

Story continues below advertisement

"Apple has in the past sort of positioned themselves as being more secure. But really, that security was really obtained through obscurity rather than being a truly more secure operating system."

Apple has let down its userbase with its response to the outbreak, Mr. Hypponen said. While the Java security hole was publicly identified in February, it wasn't until last week that Apple released its own update to address it.

"I'm not seeing that Apple has had any kind of wake up call because of this, which is a bit surprising. You would think they would've been much more visible about this and provide much more guidance for their customers," he said.

Apple has a basic anti-virus program built into its OS X operating system but it still hasn't been updated to identify and fix the Flashback/Flashfake virus, Mr. Hypponen added.

"It baffles me, you'd think they'd do that, you'd think they would do whatever they can to protect their users but they haven't," he said.

"Apparently they are not able to act that fast — it's the only explanation I can come up with — which sort of tells us they don't have the hands-on security experience that, for example, Microsoft has by now.

"Of course, Microsoft has been forced to learn it because they've been attacked so many times. It seems like Apple is just now starting to learn."

(Note: Kaspersky has a free online tool to check your Mac for the Flashback/Flashfake virus, just click here.)

Report an error
Comments are closed

We have closed comments on this story for legal reasons. For more information on our commenting policies and how our community-based moderation works, please read our Community Guidelines and our Terms and Conditions.