Apple has been hauled over the coals by the security industry and accused of being slow to eradicate malware that left upwards of 600,000 Macs infected with the Flashback Trojan.
While the iPhone maker has released two specific patches to deal with a flaw in the OS X Java Virtual Machine it is still working on a tool to remove existing infections present on victims' machines. Security experts have attacked the iPad manufacturer's complacency.
The threat to Apple machines first surface in September last year, giving cyber criminals time to amass infected Macs into a huge botnet capable of causing massive damage to networks worldwide.
Kaspersky Lab's chief security expert, Alexander Gostev, blamed Apple for not taking action sooner.
Gostev said Apple knew about the threat "for months" but did little to protect OS X users from the Java flaw. The same flaw in Windows and Linux machines had been patched months ago.
The infection makes it one of the largest in Apple's history. Kaspersky said around 98 per cent of the 600,000 machines infected with the Flashback malware run OS X. Of those, around 47,000 are based in the UK.
While Oracle, which develops Java, issued a patch for Windows and Linux machines around three months ago, Apple patches the Java implementation on OS X itself and only issued a fix earlier this month. This meant Mac users were left exposed to the infection for much longer than users of other operating systems.
"The three-month delay in sending a security update was a bad decision on Apple's part," said Gostev. "Apple knew about this Java vulnerability for three months, and yet neglected to push through an update in all that time."
He added that the problem was exacerbated by the "myth" of Apple computers being "malware free".
"Too many users are unaware that their computers have been infected, or that there is a real threat to Mac security," said Gostev.
Apple said that while the vulnerability had been patched, it is still "developing software that will detect and remove the Flashback malware". At the time of writing the Cupertino-based company was yet to release the malware removal tool.
In the meantime, Apple has advised user to disable Java in their browser preferences and is said to be liasing with ISPs around the world to deactivate the botnet's command and control network.
-
Cleo attack victim list grows as Hertz confirms customer data stolenNews Hertz has confirmed it suffered a data breach as a result of the Cleo zero-day vulnerability in late 2024, with the car rental giant warning that customer data was stolen.
-
Lateral moves in tech: Why leaders should support employee mobilityIn-depth Encouraging staff to switch roles can have long-term benefits for skills in the tech sector
-
CronRat Magecart malware uses 31st February date to remain undetectedNews The malware allows for server-side payment skimming that bypasses browser security
-
Mekotio trojan continues to spread despite its operators’ arrestsNews Hackers have used it in 100 more attacks since arrests
-
“Trojan Source” hides flaws in source code from humansNews Organizations urged to take action to combat the new threat that could result in SolarWinds-style attacks
-
What is Emotet?In-depth A deep dive into one of the most infamous and prolific strains of malware
-
Fake AnyDesk Google ads deliver malwareNews Malware pushed through Google search results
-
Hackers use open source Microsoft dev platform to deliver trojansNews Microsoft's Build Engine is being used to deploy Remcos password-stealing malware
-
Android users told to be on high alert after Cerberus banking Trojan leaks to the dark webNews The source code for the authenticator-breaking malware is available for free on underground forums
-
Qbot malware surges into the top-ten most common business threats
News An evolved form of the banking Trojan was distributed by number one-ranking Emotet in a campaign that hit 5% of businesses globally
