Flashback

I’m always skeptical of claims made by security firms. If you get on PR mailing lists you know some of them routinely try to scare the pants off you so you’ll rush out and buy their protection software.

And, believe it or not, I got on a lot of PR mailing lists by writing a fake Apple news site. I don’t know what these people thought I was going to do with their announcement of a hot new swimming fish screen saver but I guess they figured any press was good press.

But when Dr. Web (wasn’t he a Spider-Man supervillain?) announced that 600,000 Macs were infected by the Flashback drive-by (née Flashback Trojan), my first reaction wasn’t to hit the web declaring it an epidemic.

I checked out Apple’s support forums and unlike the Mac Defender situation there didn’t seem to be a lot of users freaking out about how to get rid of Flashback. There were a lot of people trying to figure out if they had it. Of course, the reason for the difference is because Flashback isn’t throwing up windows asking you to put your credit card in like Defender did. It’s just quietly logging your information and sending it back to Larry McEvil (possibly not his real name).

But was 600,000 a valid estimate? Let’s face it, these firms have a vested interest in making this seem like a big deal. Ryan Naraine was skeptical, too, and has since accepted it as real. You can also follow Aleks Gostev from Kapersky Lab and Boris Sharov from Dr. Web on Twitter as Gostev was asking him good questions and getting answers that seem to confirm that, yes, it’s real. Kapersky Lab has also confirmed Dr. Web’s results that 600,000 machines are infected, most of which appear to be running OS X.

I was also curious about what percentage of Mac users this roughly represented. As of a couple of years ago, the number of Macs in use was estimated to be about 94 million, so we could assume at least 100 million. Is about a half a percent a large infection? An epidemic? I guess that’s a judgement call. [Update: this estimate of 94 million appears to be off. I'm seeing estimates ranging from 45 million to 70 million, so 1 percent may be more accurate.]

Back when XP was the current version of Windows, it seemed that every Windows user I knew complained about being affected by malware. I even knew Windows users who used to brag about how fast they could reformat their machine and have it back up and running in pristine form. Now, maybe the Windows users I know are big into porn sites. That would not be a stretch. Actually, that’s probably very likely. Like, really, really nasty p- look, my point is that it just seemed like the general infection rate, at least for XP back in the day, was a lot higher than half a percent. Probably because there were so many more viruses, Trojans and drive-bys.

For the bad guys, though, 600,000 is probably a pretty good haul. It’s just a darn large number, no matter what percentage of Mac users it represents. Which gets us to our problem. You get 600,000 and you think, hey, I could do this again. 600,000 is 600,000 too many.

Well, more like 599,999 too many.

You know the guy I’m talking about.

Personally, I find “epidemic” to be a loaded word thrown about by people who’ve been dying for the Mac to get hit. Still, I’m interested to hear what security experts will have to say about this as it develops and even more interested to see what Apple’s response will be. Almost a year ago when Mac Defender came out, Charley Miller said it still wasn’t worth it to run antivirus software on a Mac. I wonder if he’d say the same now.

One thing we do know for certain, though, is the percentage of iPads and iPhones that are affected by this.

It’s zero.

Because Flash and Java…

OK, you got it. Sometimes I can’t tell with you. You’ve got that blank stare.