Security industry criticises Apple over Flashback malware

News 12 Apr, 2012

Cupertino company slammed over slow response to fix Trojan problem.

Apple has been hauled over the coals by the security industry and accused of being slow to eradicate malware that left upwards of 600,000 Macs infected with the Flashback Trojan.

While the iPhone maker has released two specific patches to deal with a flaw in the OS X Java Virtual Machine, it is still working on a tool to remove existing infections present on victims' machines. Security experts have attacked the iPad manufacturer’s complacency.

The threat to Apple machines first surfaced in September last year, giving cyber criminals time to amass infected Macs into a huge botnet capable of causing massive damage to networks worldwide.

Kaspersky Lab's chief security expert, Alexander Gostev, blamed Apple for not taking action sooner.

Gostev said Apple knew about the threat “for months” but did little to protect OS X users from the Java flaw. The same flaw in Windows and Linux machines had been patched months ago.

The scale of the infection makes it one of the largest in Apple's history. Kaspersky said around 98 per cent of the 600,000 machines infected with the Flashback malware run OS X. Of those, around 47,000 are based in the UK.

While Oracle, which develops Java, issued a patch for Windows and Linux machines around three months ago, Apple patches the Java implementation on OS X itself and only issued a fix earlier this month. This meant Mac users were left exposed to the infection for much longer than users of other operating systems.

"The three-month delay in sending a security update was a bad decision on Apple's part," said Gostev. "Apple knew about this Java vulnerability for three months, and yet neglected to push through an update in all that time."

He added that the problem was exacerbated by the “myth” of Apple computers being “malware free”.

“Too many users are unaware that their computers have been infected, or that there is a real threat to Mac security,” said Gostev.

Apple said that while the vulnerability had been patched, it is still “developing software that will detect and remove the Flashback malware”. At the time of writing the Cupertino-based company was yet to release the malware removal tool.

In the meantime, Apple has advised users to disable Java in their browser preferences and is said to be liaising with ISPs around the world to deactivate the botnet’s command and control network.
