Trojan BackDoor.Flashback, commonly referred to as the Flashback Trojan, is a Trojan horse affecting personal computer systems running Mac OS X. The first variant of Flashback was discovered by antivirus company Intego in September 2011.
According to the Russian antivirus company Dr. Web, a modified version of the "BackDoor.Flashback.39" variant of the Flashback Trojan has infected over 600,000 Mac computers, forming a botnet that includes 274 bots located in Cupertino, California, the location of the headquarters of Apple Inc. The findings were confirmed one day later by another computer security firm, Kaspersky Lab. This variant of the malware was first detected in April 2012 by Finland-based computer security firm F-Secure. Dr. Web estimated that in early April 2012, 56.6% of infected computers were located within the United States, 19.8% in Canada, 12.8% in the United Kingdom and 6.1% in Australia.
Oracle, the company that develops Java, fixed the vulnerability exploited to install Flashback on February 14, 2012. However, Apple maintains the Mac OS X version of Java and did not release an update containing the fix until April 3, 2012, after the flaw had already been exploited to install Flashback on 600,000 Macs. On April 12, 2012, the company issued a further update to remove the most common Flashback variants. The updated Java release was only made available for Mac OS X Lion and Mac OS X Snow Leopard; the removal utility was released for Intel versions of Mac OS X Leopard in addition to the two newer operating systems. Users of older operating systems were advised to disable Java. There are also some third party programs to detect and remove the Flashback trojan. Apple is working on a new process that will eventually lead to a release of a Java Runtime Environment (JRE) for Mac OS X at the same time as it is available for Windows, Linux, and Solaris users.
- Apple Delays, Hackers Play April 12, 2012
<ref>tags exist, but no
<references/>tag was found