Tuesday, April 17, 2012

Apple Doesn’t Care about Security

While thousands of Apple customers suffer from a serious malware outbreak, the company has responded to the problem by trying to close down the security company which warned of the attack.
Over 500,000 Macs are already infected with Flashback malware because Apple failed to update some Java software. The situation has revealed just how useless the company is when it comes to such problems. Surprisingly enough, Apple's first action was not to update the Java software, but to take down the server of the Russian security company that revealed the problem to the world.

Boris Sharov, CEO of the Russian-based security company Dr. Web, confirmed that this week Apple demanded that the Russian Web registrar Reggi.ru shut down one of its domains. For some reason, Apple believed that the site in question was being used as a “command and control” server, without bothering to take a look at the site owner. Apple therefore still hasn’t realized that the domain was one of those which Dr. Web has been using as a spoofed command and control server working as a “sinkhole”.

It seems that Apple didn’t have much experience in dealing with the outside world. According to Boris Sharov, Apple simply had no idea how to work in a team when tackling security, but rather believed that it could order servers switched off and its problems would fade away.
Dr. Web explained that Apple claimed to the registrar that its domain was involved in a malicious scheme, though the security company wasn’t controlling the sinkhole or harming users. When the security outfit first contacted Apple to let the company know about the Mac-based botnet, Apple never replied. The security outfit provided the giant with all the data it had, but the response was a demand that its monitoring server be taken offline.

Meanwhile, locating and closing down command and control servers is a common practice for outfits trying to cripple a botnet. Dr. Web confirmed it has worked with Microsoft on those efforts. However, Apple won’t even tell anyone about its antivirus group, if it has one at all. And it still insists that its software can’t be infected! Dr. Web slammed the company for its delay in issuing a patch for the security vulnerability in Java which allowed the malware to exist.

Android Can Be Hacked through SMS

Security experts from NQ Mobile have recently detected new Android malware which is controlled through SMS messages. The malware, dubbed TigerBot, is able to record calls and surrounding noise.
TigerBot was detected circulating in the wild through non-official Android channels.
The malware is clever: it can hide itself on a targeted device. TigerBot does not install an icon on the home screen, and masks itself with an ordinary application name like Flash or System.

Once active, TigerBot registers a high-priority receiver in order to listen for the intent with action “android.provider.Telephony.SMS_RECEIVED”.

NQ Mobile explained that when a user receives a new SMS message, the malware runs a check to find out whether the message is a specific bot command. If it is, TigerBot prevents the message from being seen by the user and then executes the command.

The malware is able to record sounds in the immediate area of the device, along with the calls themselves. It is also able to alter network settings and report the current GPS coordinates of the device. TigerBot has also been shown to capture and upload pictures, kill other processes and reboot the infected device.

However, the malware isn’t perfectly written. For instance, some of its commands aren’t universally supported: the command to kill other processes can only be performed on early Android versions. Still, the mobile security company points out that the fact that this piece of malware and any of its variants might be controlled without your knowledge makes it a serious threat. The insecurity specialists added that users are recommended to always reject unknown application requests and to monitor attentively the permissions requested by any program.
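
The three traits described above (a high-priority receiver for SMS_RECEIVED, no home-screen icon, and a generic application name) can all be read from an app's decoded manifest. The following triage check is an added example, not code from NQ Mobile or from the original post; the sample manifest, the package and receiver names, and the priority threshold are constructed assumptions.

```python
import xml.etree.ElementTree as ET

ANDROID = "{http://schemas.android.com/apk/res/android}"
SMS_ACTION = "android.provider.Telephony.SMS_RECEIVED"
GENERIC_LABELS = {"flash", "system"}   # application names the article mentions
PRIORITY_THRESHOLD = 1000              # assumption: treat >= 1000 as "high priority"

# Constructed sample: a decoded AndroidManifest.xml showing the described traits.
SAMPLE_MANIFEST = """<manifest xmlns:android="http://schemas.android.com/apk/res/android"
          package="com.example.constructed">
  <uses-permission android:name="android.permission.RECEIVE_SMS"/>
  <uses-permission android:name="android.permission.RECORD_AUDIO"/>
  <application android:label="System">
    <receiver android:name=".SmsWatcher">
      <intent-filter android:priority="2147483647">
        <action android:name="android.provider.Telephony.SMS_RECEIVED"/>
      </intent-filter>
    </receiver>
  </application>
</manifest>"""

def triage_manifest(xml_text):
    """Return a list of findings for a decoded AndroidManifest.xml."""
    root = ET.fromstring(xml_text)
    findings = []
    for recv in root.iter("receiver"):
        for flt in recv.iter("intent-filter"):
            actions = {a.get(ANDROID + "name") for a in flt.iter("action")}
            try:
                prio = int(flt.get(ANDROID + "priority", "0"))
            except ValueError:
                prio = 0  # resource reference or malformed value
            if SMS_ACTION in actions and prio >= PRIORITY_THRESHOLD:
                findings.append(f"high-priority SMS receiver {recv.get(ANDROID + 'name')} (priority {prio})")
    # No activity carrying the LAUNCHER category means no home-screen icon.
    cats = {c.get(ANDROID + "name")
            for act in root.iter("activity") for c in act.iter("category")}
    if "android.intent.category.LAUNCHER" not in cats:
        findings.append("no launcher activity (no home-screen icon)")
    app = root.find("application")
    label = (app.get(ANDROID + "label") or "") if app is not None else ""
    if label.strip().lower() in GENERIC_LABELS:
        findings.append(f"generic application label '{label}'")
    return findings

if __name__ == "__main__":
    for finding in triage_manifest(SAMPLE_MANIFEST):
        print(finding)
```

Any one finding is weak on its own, since legitimate SMS apps also register receivers; the combination is what warrants a closer look at the package.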