PCWorld Forums

Flashback Malware Still Affects 140,000 Macs

#1 PCWorld

  • Advanced Member
  • Group: PCWorld BOT
  • Posts: 103,818
  • Joined: 01-August 07

Posted 18 April 2012 - 07:40 AM

Post your comments for Flashback Malware Still Affects 140,000 Macs here
0

#2 xyberviri

  • Senior Member
  • Group: Members
  • Posts: 662
  • Joined: 15-March 10

  Posted 18 April 2012 - 09:07 AM

You're holding the report wrong
0

#3 Samr614

  • Full Member
  • Group: Members
  • Posts: 53
  • Joined: 22-November 11

  Posted 18 April 2012 - 11:20 AM

Well, I'm clean. Life's good.
0

#4 Evildave

  • Expert
  • Group: Members
  • Posts: 4,287
  • Joined: 24-January 08

Posted 18 April 2012 - 12:17 PM

Coming soon: 'Flashback Malware Still Affects 50,000 Macs' and 'Flashback Malware Still Affects 20,000 Macs' and 'Flashback Malware Still Affects Some Guy In Greenland' stories.

Some estimates are below 30,000 active infections, already.
http://www.forbes.co...ly-on-how-much/

Oracle patched it, but windoze users should be aware that they must enable their separate JAVA updater, or manually update JAVA themselves, or they still have the same vulnerability wide open, indefinitely.

Microsoft won't patch this JAVA exploit. They consider the Java runtime to be 'your problem', ever since they started trying to make their own competing runtimes. They don't take responsibility for this. So getting bit by this attack vector is 'your fault', if you use windoze, as far as Microsoft is concerned. You shouldn't run JAVA. You should only run a Microsoft runtime with just as many gaping holes in it.

Apple's way is a little slower, but it guarantees more people will GET the patch.

So while Apple has plenty of time to manage this problem into a small tempest in a teacup with standard OS patches, Microsoft flails about wildly playing a completely ineffective game of whack-a-mole against dozens of much larger botnets, that pop right back up again and again.

ZeuS is still alive and well, even after Microsoft grabbed headlines a couple of weeks ago for shutting down SOME command and control servers, crowing 'Victory' like George Bush on an aircraft carrier.
http://news.softpedi...ft-262842.shtml
http://www.smh.com.a...0418-1x6e1.html
http://en.wikipedia....s_(Trojan_horse)

Then the howler-monkey portion of the media more or less shut up about it.

But as you can see, still hundreds of global C&C servers to go. Many completely out of reach of a U.S. court order. Microsoft's March 26th attack on the network yielded absolutely no visible effect on the numbers, while disrupting other people who were trying to find the real culprits behind it.
https://zeustracker.abuse.ch/

An article about how much development goes into botnets... going so far as to build friendly user interfaces so anyone can operate their own. Big business with a lot of fronts. Good luck ever tracking down the ones who create this software, behind layers upon layers of front-men and resellers and purchasers, all distributing and running and modifying their own copies.
http://www.fortiguar...usanalysis.html
2

#5 RickDobbelmannqbtt

  • Advanced Member
  • Group: Members
  • Posts: 291
  • Joined: 02-June 11

Posted 18 April 2012 - 12:26 PM

(In reply to Evildave's post #4 of 18 April 2012 - 12:17 PM, quoted in full in the original.)

Thank you Linux!!

I LOVE OPEN SOURCE!!!

0

#6 Evildave

  • Expert
  • Group: Members
  • Posts: 4,287
  • Joined: 24-January 08

Posted 18 April 2012 - 12:44 PM

Not only do most flavors of Linux patch it, if you install it, you have completely different Java runtimes to choose from.

A lot of Linux users never had the hole at all, if they used OpenJDK. Of course, it's available for Windows users, too. And of course Apache Harmony, too, and that's also available for windoze. I think there's another, still. The point being, once again, the exploits are harder to exploit on a Linux platform where you have a lot of choices.

And that's the most crucial lesson to carry away from this. Don't be 'standard'. Don't run the default runtimes on the default browser on the default OS in the default way with the default permissions, or you'll get the default malware that makes the default assumptions.

So this hole in Oracle's JAVA was discovered in September, and it took Oracle 'til mid-February to come up with and release a patch, and took Apple 'til early April to integrate the changes.

SOME Windows users with Java updated Java in February, but certainly not all of them. That annoying 'Patch Me' popup with the ads that Oracle uses is certainly bait for being disabled. Not least for being disabled by malware.
0
