Flashback botnet infects 41,600 Australian Macs

The Flashback botnet has affected 41,600 Mac computers in Australia, making it the fourth most infected country in the world, according to research from Kaspersky Lab.

A total of 670,000 computers have been infected worldwide with more than 98 per cent thought to be running the Mac operating system (OS) X.

The United States had the most infected computers (300,917), followed by Canada (94,625), the United Kingdom (47,109) and Australia (41,600).

Apple has confirmed it is crafting a weapon to vanquish the Flashback botnet from computers and working to disrupt the command and control network being used by hackers behind the infections.

According to Apple, the botnet took advantage of a weakness in Java programs. Flashback is designed to let hackers steal information such as passwords or financial account numbers from infected computers.

Kaspersky Australia and New Zealand technical services manager, Nigel Hedges, told Computerworld Australia that the rapid spread of the botnet in Australia was due to a couple of factors.

“There is a major illusion that Macs don’t get viruses and this is a blanket of complacency that will bite Mac users on the backside,” he said.

“Australia has also been a big adopter of Macs in the past few years, some reports put Apple as having a market share of between 11 and 13 per cent in Australia.”

Hedges said consumers running Mac OS X should visit flashbackcheck.com to see if their computer is infected.

“Users need to enter their Universally Unique Identifier [UUID], which will be checked against Kaspersky Lab’s Flashback database of infected computers.”

The vendor is offering a free program called the Flashfake removal tool for users whose UUID is found in the database of infected computers. This will scan the computer’s system and remove the botnet if it is detected.

Hedges added that there were a few lessons Apple and its customers could take away from the attack.

“Apple needs to improve their patch management release process because this will help protect consumers. From the Mac user perspective, they should update their security software, use a password manager for different applications and keep their Java and Adobe reader components up to date,” he said.

According to application statistics and some security vendors, sales of Mac security software have jumped worldwide since news of the infection emerged on 6 April.

Got a security tip-off? Contact Hamish Barwick at hamish_barwick at idg.com.au

Follow Hamish Barwick on Twitter: @HamishBarwick

Follow Computerworld Australia on Twitter: @ComputerworldAU

Copyright © 2012 IDG Communications, Inc.

8 simple ways to clean data with Excel
Shop Tech Products at Amazon