This New Trojan Disables Your Mac's Auto-Updates

The original iteration of the Flashback Trojan was a nasty little bugger, quietly shipping your Mac's details off to a remote server. This newly discovered variant is even worse.

The new version, dubbed Flashback.C, also disables the your Apple's security definition update service by wiping files necessary to run future updates. Both Snow Leopard and Lion are vulnerable, though the Trojan seems to delete itself on any system running Little Snitch. The Trojan itself comes disguised as a Flash package installer.

F-Secure offers removal instructions here, Little Snitch is available here. [F-Secure via Mac World]



    Remember back in the day when people said Mac's were safer than PC's because there were no virus' on Mac's. . .

    Yeah. . . those days were great. . .

    Brilliant! Mac users can't be so smug anymore...

    The whole point of a trojan depends users stupid enough to bring the "horse" into their "castle". Users happy to install Flash onto their Macs deserves what they get.

      Sounds just like Apple's support department, wait a minute...

      Ummm... how is it stupid to install Flash? As long as you install via the official website, there's virtually no risk of a virus.

      Not to mention that Flash is still widespread on the web.

    While the windows guys deserve to gloat, this exploit actually requires someone to download and run something, and then put their password in, hardly comparable to the many windows exploits that can install themselves without any user intervention.

      And if they managed to get priviledge escalation going, considering all Macs are more or less the same, there'd be a lot of systems out there to fuck up.

      Considering many basic end users buy Macs based purely on the marketing spiel around how "easy to use" they are, it could therefore be quite suscessfully argued that Mac have more of the "lowest common denomiator" using them. Therefore those users are more likely to click the button and run the nasty program to begin with!

      Then, because the user trusts the program and wants to run it, the problem compounds much more quickly than some malware that runs in the background and stands a decent chance of being picked up by a decent Internet Security product.

      I'm sorry but that has not been the case since Vista was released with UAC requiring the user to authorise any potentially threatening actions.

    The question is that noone is mentioning, how do you know if it's on your system?
    Surely there must be a simple way to test this?

    The fact that 1 Trojan on the Mac is breaking News is really all that needs to be said...

    Just to clarify, exactly how many Trojans are out there on Windows??

    Wow imagine if Giz wrote about all of them.... hehe






    I have 3 Macs and am family and friend tech support for at least 30 macs and i still haven’t had ONE of them suffer from virus problems….

      Good for you. I've been accessing the internet from my PC since 1997, I've never used any security software and I've never had any issues with malware, either. That is not to say it doesn't exist.

      And... I've never had any issues since the 90s on PC either. Both platforms are ridiculously secure now with even the most basic security suites.

      The backlash comes from the fact that the "PCs get Viruses" canard is still used by Mac purists, hell it was the basis for "I'm A Mac" advertising campaign. Both OSes are equally resistant to viruses, but equally susceptible to stupidity. If you go out of your way to install crap on your computer, you'll succeed.

Join the discussion!

Trending Stories Right Now