[MacTUG] Flashback malware downloader - anyone encounter it?
Mike Patterson
mpatterson at uwaterloo.ca
Mon Apr 9 11:40:12 EDT 2012
On 12-04-09 11:37 AM, Glenn Anderson wrote:
> Has anyone encountered a Mac that has had the Backdoor.Flashback.39
> trojan?
>
> I see that there is a web tool for checking out if one's Mac has
> this.
If somebody finds any evidence of Flashback on their Mac (on-campus),
I'd be *very* interested in hearing about it. I have IDS signatures
that purport to detect Flashback C&C checkins, which have yet to fire
for campus. That might be because there's nothing to see, or it might
be because they're incorrect. If the latter, I need to know.
> Note: If one's Mac OS is up to date ( i.e. Java has been updated ),
> then from what I understand one is safe from this particular
> trojan. Anyone here differently?
Even if it's true in this case, it won't be true for the next exploit.
Apple took unconscionably long to release a fix for this - Oracle
patched the Windows platform mid-February or so.
Mike
--
It was sufficiently weird that I found myself wishing it was more like
sendmail. - Matt MacLeod, monk
More information about the MacTUG
mailing list