Are Macs no longer safe from hackers?

For years, Mac users have been told that not only are they cooler than their PC counterparts, they are safer too.

For years, Mac users have been told that not only are they cooler than their PC counterparts, they are safer too. Apple has always held that computer viruses and malware only dogged its competitors. That is no longer the case.

This week, security researchers discovered a new computer virus had infected half a million Mac users ? about half of them in the United States. The malicious program, known as a Trojan horse, is infesting users in the most surreptitious way possible: users need not manually click on any malicious links or manually download any malware to get infected. The program simply downloads itself. Once downloaded, the Trojans? creators gain a back door that gives them unauthorized access to the victim?s computer.?This is the largest scale attack on Mac OS X to date,? said Roel Schouwenberg, a senior researcher at Kaspersky Lab, an antivirus software company who has analysed the malware. ?And much more sophisticated.?

For now, the Trojan?s creators appear to be using infested computers for click fraud, in which they manipulate clicks on a Web advertisement in exchange for kickbacks. But as with all Trojans, its creators can choose to use infected computers however they like.

The malware infects computers in one of two ways. In some cases, users receive a pop-up prompt purporting to be from Adobe Flash asking them to install an update and type in their password ? hence the Trojan?s name, ?Fakeflash? or ?Flashback.? But in most cases, attackers appear to have exploited a loophole in Java software that automatically downloads the malware onto victims? machines without any prompting.

Apple issued two security patches for the Trojan this week and encouraged Mac users to run their software updates as soon as possible. For the technically astute, F-Secure, a Helsinki-based security firm, published instructions for how to identify Fakeflash and remove the virus manually.

Several security experts have criticized Apple as slow to react, considering Oracle issued a fix to the Java security hole in February. Apple did not issue a fix until more than a month later. Doctor Web, a security firm based in Russia, discovered the Trojan had exploited the loophole to infect Mac computers this week. Kaspersky Labs reverse engineered the malware and began to intercept its communication on Wednesday.

Get Live Share Market updates, Stock Market Quotes, and the latest India News and business news on Financial Express. Download the Financial Express App for the latest finance news. .

This article was first uploaded on April eight, twenty twelve, at eight minutes past two in the night.