Apple developing tool to detect and remove Flashback Trojan
Two months ago, a new variant of the Flashback Trojan started exploiting a security hole in Java to silently infect Mac OS X machines. Last week, Russian antivirus company Dr. Web revealed that the Flashback Trojan botnet controls over 600,000 Macs. Today, Apple announced it is developing software that will detect and remove the Flashback malware.
Apple released a Java update that patches the security hole on April 3, but it was already too late by that point. News of the massive infection rate broke on April 4.
As such, the electronics giant is also working with ISPs around the world to take down computer servers hosted by the malware authors. In addition to the Java vulnerability, the Flashback malware relies on this command control network to perform many of its critical functions.
What if you can't wait for Apple to release its tool? There are a few things you can do.
First off, you can grab the new version of Java from Apple here: Java for Mac OS X 10.6 Update 7 and Java for OS X Lion 2012-001. If you're running Mac OS X v10.5 or earlier, your only option is to disable Java in your web browser(s) preferences: How to disable the Java web plug-in in Safari.
If you want to see if you have it, there are a few options. Dr. Web and Kaspersky have online tools to check if you have the Trojan. There's also a tool called FlashbackChecker available on GitHub.
If you know you have it and want to get rid of it, there are also a few options. F-Secure has instructions on how to remove the malware. CNET has a step-by-step guide for removing it. Last but certainly not least, the easiest way to get rid of it is to download and use the Kaspersky Flashfake Removal Tool.
See also:
- Over 600,000 Macs infected with Flashback Trojan
- New Mac malware epidemic exploits weaknesses in Apple ecosystem
- Quick protection for older Macs from the Flashback trojan
- Has Flashback malware made you consider installing antivirus on your Mac?
- Second source confirms: 1 in 100 Macs are infected by Flashback
- The scariest thing about the Flashback trojan: I have no idea how to fight it
- How big a security risk is Java? Can you really quit using it?