(Originally reported April 18, 2012)
Trojan Terror: The End of the Invincible Mac?
Last week, Apple took a huge hit to its reputation. A Trojan horse virus ripped through 600,000 Macs, disguised as a Flash Player Installer. Trojans are known for looking legitimate and appearing to perform a necessary function while actually facilitating unauthorized access to the user’s system. And that is just what this fake Flash Player did. With the Apple “look,” the virus asked users to update their Flash Player and proceeded to steal usernames and passwords stored on the computer. The symptoms, reportedly, are not visible, except for sporadic connections to unknown servers that can only be seen in the Firewall logs.
Apple was, surprisingly, not the first to react. Instead, a Russian antivirus company was the first to report that the Trojan virus was attacking Apple products. Apple continued on in silence for several days, as one news source after another remarked upon the virus. Small viruses had infected Macs before but never to this capacity. Could this be the end of the invincible Macs?
Apple’s response to the Trojan virus was, to say the least, a bit lackluster. By Wednesday, April 11, Apple released a support page on their website addressing newer versions of the systems that read, “Apple has released software updates for systems running OS X Lion and Mac OS X v10.6 that will update Java to fix the security flaw, and remove the Flashback malware if it is present.” So what about the older versions of Macs?
Many users of older Mac operating systems await a permanent remedy. In the meantime, all the users can do is disable Java, which is a shoddy fix when Java is so omnipresent. Apple’s specific repair against the Trojan horse virus came about six weeks after Microsoft (plagued repeatedly by viruses), Adobe, and Oracle already released their fixes. Although Apple disclosed that they were working on eradicating the virus earlier in the week, when normally Apple severely downplays security issues, their response was comparatively slow. So the real question is this: Why wasn’t Apple on top of the virus before it became widespread?
As Mac OS becomes increasingly more attractive, it will also become more exploited by virus trolls. Back in 2008, another Trojan horse virus was launched, pretending to be an update for Apple’s iTunes media player. While the Trojan virus infiltrated Macs, Apple ignored notifications about the virus and ended up waiting more than 1,200 days to completely patch the problem. It took three long years to fix the problem: just imagine the suffering of the customers. Additionally, about a year ago, Macs were struck by a malware called Mac Defender. While the virus infected tens of thousands of computers, Mac and the virus tugged back and forth, fixing and infecting for several weeks. Apple has managed to keep both of these unfortunate instances on the down-low, however, and haven’t suffered from much backlash from their customers. Although their muted responses to viruses doesn’t seem fair to the customers, for those who don’t know about the destructive infections, Apple’s silence keeps purchases of Macs rolling in.
Clearly, Apple isn’t the best about informing the public about its products’ vulnerabilities and security issues. Why would you want to expose your weaknesses, after all, especially when you’ve built a reputable name? Apple is supposed to be the best of the best when it comes to protecting its users from viruses, but evidently that’s not always the case. This incident is bound to draw attention from Apple customers. If 600,000 Macs can be successfully infected by a malware that looks legitimate, who’s to say another criminal won’t create a new virus next month?
As of today, 140,000 Macs remain infected, denoting that the Flashback Trojan virus isn’t the easiest to dismantle. The numbers are declining on a daily basis, and Apple promises their next software update, called Mac 10.8 “Mountain Lion,” will include a new security feature called “Gatekeeper” that will battle against viruses better than ever before. As a dedicated Mac user, I’m already looking for antivirus software that I previously brushed off as unnecessary for Apple products and simply hoping Apple steps up their security a couple notches.