Flashback Trojan Reportedly Controls Half a Million Macs and Counting

via Daring Fireball by John Gruber on 4/5/12

Jacqui Cheng, Ars Technica:

Variations of the Flashback trojan have reportedly infected more than half a million Macs around the globe, according to Russian antivirus company Dr. Web. The company made an announcement on Wednesday — first in Russian and later in English — about the growing Mac botnet, first claiming 550,000 infected Macs. Later in the day, however, Dr. Web malware analyst Sorokin Ivan posted to Twitter that the count had gone up to 600,000, with 274 bots even checking in from Cupertino, CA, where Apple’s headquarters are located.

Cheng links to F-Secure, who has instructions for checking if your system is infected. If you don’t have Java installed (or have it installed, but keep it disabled in your web browsers) you should be safe.

The weird thing to me is that if true, this sounds like the worst malware problem Mac OS X has ever seen — yet there doesn’t seem to be any hysterical media coverage about it. Hypothetical Mac security problems often get hysterical coverage; now we apparently have an actual security problem and it’s no big deal?

Update: I’m curious to hear from any readers who determine that their system’s been infected by this thing.

Update 2: Via email and public Twitter replies, I’ve seen reports from about a dozen or so DF readers who’ve been hit by this. And they all seem like typical DF readers — sophisticated, experienced, if not downright expert Mac users. It’s not an epidemic, but it’s definitely real, and insidious.

And regarding the lack of hype surrounding Flashback, DF reader Paul Hoffman (via email) has a theory:

I suspect that there hasn’t been that much hype is that the hype is normally generated by the anti-virus companies, and (from what I have heard) none of the Mac AV software caught this until yesterday. Whoopsie.

Sync iCloud to Dropbox! Giving it some thought, should be easy to get it to any number…

Sync iCloud to Dropbox! Giving it some thought, should be easy to get it to any number of services. Going to have to play with this.

Embedded Link

Sync iCloud to Dropbox
Mac and iOS users are going to be increasingly pushed to choose between storing their documents in iCloud or Dropbox. I expect that Apple will continue to push more and more features to iCloud that will make people want to use it, and I expect that Apple will continue to make iCloud easier and easier for iOS and Mac developers to use, so developers will want to support it.

I like the idea behind iCloud, but I don't really trust iCloud yet. Apple's previous attempts at online services have l…

Google+: View post on Google+

I really like this product, and it’s nice to see other companies, such as LastPass,…

I really like this product, and it's nice to see other companies, such as LastPass, integrating this into their login process.

Embedded Link

An improved Google Authenticator app to celebrate millions of 2-step verification users
Posted by Sara "Scout" Sinclair, Associate Product Manager, Google Security Team Since we first made 2-step verification available to all Google users in February of 2011, millions of people around the world have chosen to use this extra layer of security to protect their Google Accounts. Thousands more are signing up every day. And recently, we updated the feature’s companion smartphone app, Google Authenticator, for Android users. 2-step verification works by requiring users to enter a veri…

Google+: View post on Google+