avast! Free Antivirus for Mac and the Flashback botnet
Mac computers running the beta version of avast! Free Antivirus for Mac were not infected by the Flashback Trojan.
“We’ve confirmed our app’s detection abilities for Flashback within the test lab and with reports from our beta testers,” says Jiri Sejtko, director of AVAST Virus Lab operations.
The Flashback Trojan linked to the Mac botnet is a derivative of last year’s DevilRobber Mac OS X Trojan. The AVAST Virus Lab now has 18 variants of this malware in its antivirus database.
“With an estimated 600,000 infected Macs, this botnet is just a large example that the Apple operating system is not immune from malware,” said Jiri. “Add a growing market share that makes Mac an attractive target for the bad guys together with a user base that insists they do not need a security app – you have all the conditions in place for an epidemic to rip through.”
The latest Flashback variants can infect vulnerable Macs without requiring the victim to enter a password. “Mac malware has historically been dependent on social engineering – convincing the user to enter the required password. Now these days are over and Mac users can pick up malware just by visiting an infected website,” adds Jiri. “Welcome to the real world.”
Flashback is a logical step in Mac malware’s steady evolution, he points out. Initial malware samples were rather simple, just compiler-generated code, with no encryption whatsoever, but it has since evolved to be more “custom”, with encrypted strings and code, and structured to avoid security apps like LittleSnitch(firewall software for Mac OS) or Apple's XProtect. During 2011, there were some large-scale attempts to spread Mac malware via Google Image poisoning.
“It takes 1-2 years for malware guys to adapt to a new technology - it took a similar time when they switched from DOS to Windows. This latest botnet did not fall out of the clear blue sky. The conditions have been building for some time and I’m glad that our security app will soon be available for Mac users,” says Jiri.
avast! Free Antivirus for Mac is currently in the late BETA stage. It includes the latest avast! antivirus engine, three shields (Web, File, and Mail) and the WebRep reputation and anti-phishing plugin for Safari browser. avast! Free Antivirus for Mac builds on the AVAST Software tradition of providing a full-fledged security app which is completely free. More details coming very soon.
Sextortion email scams are unsettling and can have serious real-world consequences. Read up on several prominent sextortion email campaigns and how to react to them.
Avast Threat Intelligence has identified a new advanced persistent threats (APT) campaign targeting government agencies and a government data center in Mongolia.