600,000 Apples infected

BoredNow · April 5, 2012, 5:30pm

ooops…More than half a million Apple computers have been infected with the Flashback Trojan…Dr Web also notes that 274 of the infected computers it detected appeared to be located in Cupertino, California - home to Apple’s headquarters.

My favorite part…
"Java’s developer, Oracle, issued a fix to the vulnerability on 14 February, but this did not work on Macintoshes as Apple manages Java updates to its computers.

Apple released its own “security update” on Wednesday - more than eight weeks later.

rhgtyink · April 5, 2012, 5:54pm

Did anybody with CAVM run in to this and does know if it alerts or not?

Good for those who really though an Apple wasn’t vulnerable for software issues about to be exploited by malicious code…
There is NO OS/Software that is 100% safe, it’s just a matter of how popular an OS is if it get’s attacked on large scale or not.

_0M0D0 · April 5, 2012, 6:12pm

I am running CAVM but havent get any alert of any type. Actually, I dont know if I am infected (probably Im not).

If in any case I can help to find out about this threat or to do some tests, I would be happy to do so.

rhgtyink · April 5, 2012, 6:20pm

From what I know this has to do with CVE-2012-0507 and files are here;

languy99 · April 5, 2012, 7:18pm

comodo detections

4 out of 6 detected.

_0M0D0 · April 5, 2012, 7:28pm

I believe this is using signatures for Windows.
As far as I know, Comodo signatures for Mac are different?

languy99 · April 5, 2012, 8:28pm

I suspect it is using the same signature file. same bases.cav from what I know

_0M0D0 · April 6, 2012, 1:31pm

Current latest Virus Signature Database Version in CAVM is 300.
In Windows is 12007.
That should say something.

Besides that, I read somewhere in this forum that the database in CAVM, includes only signatures that affect Mac OS.