The number of Mac computers infected with Flashback, one of the most virulent computer viruses ever to attack OS X, has fallen dramatically in the last week, new research revealed as Apple released a software update to clear up infections.
About 600,000 Macs were covertly controlled by the Flashback Trojan last week. But latest data from the security firm Symantec shows that since the outbreak was publicised the number has been cut to fewer than 270,000.
Symantec’s research, based on monitoring the “command and control” servers that the criminals behind Flashback use to issue instructions to infected machines, also indicated that British Apple users are among the worst affected by the Trojan. More than six per cent of infections are in the United Kingdom, behind only Canada, on 13 per cent, and the United States, which has almost half of all compromised machines.
The virus is designed to steal victims’ usernames and passwords for services such as online banking. It exploits a vulnerability in the Java Runtime Environment, an almost-ubiquitous piece of software that works within web browsers to deliver the interactive elements of websites.
The vulnerability was publicly identified by Oracle, the corporate software giant behind Java, in February. It released its own patch for Windows machines, but Apple, which has central control of OS X updates, did not act until last week.
The delay has attracted sharp criticism from security experts. Kaspersky Lab, a major anti-virus firm, condemned it as a “bad decision” on Apple’s part that exposed users to the threat from Flashback.
“This latest attack wave is testament to how criminal elements can take advantage of un-patched vulnerabilities in order to install their wares on a large scale,” Symantec added.
Having patched the Java vulnerability last week, last night Apple released another software update to remove Flashback from Macs that are already infected.
“This Java security update removes the most common variants of the Flashback malware,” it said.
While the threat from Flashback appears to be receding, the incident is being seen as a herald of a greater threat to Mac users from computer viruses. OS X has previously been a low priority for cyber criminals compared to Windows, but its growth in recent years has made it a more attractive target.
“Malware authors have targeted the Mac OS for quite some time; however, the recent Flashback indicate a very significant shift to the current threat landscape,” said Symantec.
“What sets this threat apart from typical Mac Trojans is the sheer size of Mac computers that have been infected.”
Apple has historically touted the relative lack of malware as a selling point for OS X.