Apple developing tool to detect and remove Flashback Trojan
Summary: Apple is developing a tool to detect and remove the Flashback Trojan that has infected over 600,000 Macs. In the meantime, here are some alternatives for both detecting and removing the malware.
Two months ago, a new variant of the Flashback Trojan started exploiting a security hole in Java to silently infect Mac OS X machines. Last week, Russian antivirus company Dr. Web revealed that the Flashback Trojan botnet controls over 600,000 Macs. Today, Apple announced it is developing software that will detect and remove the Flashback malware.
On April 3, Apple released a Java update that patches the security hole, but it was already too late by that point. News of the massive infection rate broke on April 4.
The electronics giant is also working with ISPs around the world to take down the servers hosted by the malware authors. In addition to the Java vulnerability, the Flashback malware relies on this command-and-control network to perform many of its critical functions.
What if you can't wait for Apple to release its tool? There are a few things you can do.
First off, you can grab the new version of Java from Apple here: Java for Mac OS X 10.6 Update 7 and Java for OS X Lion 2012-001. If you're running Mac OS X v10.5 or earlier, your only option is to disable Java in your web browser's preferences: How to disable the Java web plug-in in Safari.
If you want to see if you have it, there are a few options. Dr. Web and Kaspersky have online tools to check if you have the Trojan. There's also a tool called FlashbackChecker available on GitHub.
If you know you have it and want to get rid of it, there are also a few options. F-Secure has instructions on how to remove the malware. CNET has a step-by-step guide for removing it. Last but certainly not least, the easiest way to get rid of it is to download and use the Kaspersky Flashfake Removal Tool.
See also:
- Over 600,000 Macs infected with Flashback Trojan
- New Mac malware epidemic exploits weaknesses in Apple ecosystem
- Quick protection for older Macs from the Flashback trojan
- Has Flashback malware made you consider installing antivirus on your Mac?
- Second source confirms: 1 in 100 Macs are infected by Flashback
- The scariest thing about the Flashback trojan: I have no idea how to fight it
- How big a security risk is Java? Can you really quit using it?
Talkback
mhollis55, can you and your Macta_rd crew deny this one too?
....Anytime soon....
Uh..
Waiting
...No time soon...
Apple ANNOUNCES it is DEVELOPING a removal tool?
They have the Java patch but that doesn't REMOVE the malware if you already have it.
Are you kidding? Other much smaller companies have already released programs to detect and remove this malware and all Apple can manage is an announcement that they are working on a fix?
Amazing what billions of dollars cannot achieve.
Malware writers now have a chance to change their malware while Apple develops the removal tool.
Obviously the PR department at Apple is bigger than the software R&D department.
On security
It is naive to think that Apple has no resources to act "quick".
Besides, there is absolutely no indication that this botnet has ever been used for anything. If Apple are confident that particular malware does not harm their users' computers, why rush? There is a lot to be learned, by the way, by observing the species... live. Also, it is apparent that many users will never update their software, so 'quick fix' does not really help.
By far the most effective way to remove the malware off all infected computers is to take over the control center and issue "remove yourself and all traces" command to the drones.
Norton ?
Norton
Yes, Norton
You mean the honeymonster's, right?
lol...
Not actually true of modern AVs
Mind you, if Norton for Macs is anything like the PC variant I'd almost prefer having nothing than that piece of s*&t!
Norton is a pig of a product
On my Win box I use Microsoft Security Essentials. Great product, no cost, 'nuff said.
On my Macs I use common sense. To date, the threats for Macs are still few enough that if you don't blindly click every little installer out there, you remain pretty darn safe. Of course, I also go out of my way to know what's going on in the wild so I am educated more than many to begin with.
I do scan my Macs on a regular schedule (currently using ClamXAV for this) and I ran the Terminal commands to do a manual search for FlashBack. To date I have not found malware on my Macs since moving to OSX in 2001. I did have one infection under OS 9.1 and one other waaaayyy back in the days of System 7.3.3. All that being the case, I will keep to this practice until things significantly worsen. For now, I find that common sense and diligent verification suffice.
Question.....
MS Security Essentials?
re Ms Security Essentials woes
Unfortunately no AV has a 100% hit rate, but MS has earned themselves a pretty damned good reputation with their product (and I say this as a Comodo user so no bias). As to the point that you got infected simply by 'VISITING' an infected site, not only is that the very definition of 'drive-by' infection, it is the very method used by the aforementioned Flashback virus...
Microsoft Security Essentials
Norton IS Malware!
It would prompt me all the time to upgrade to the full version. It sends logs to Norton by default and when not connected it would prompt to connect to the internet. It slowed the computer down a lot. Got rid of it and OMG, everything was better.
FU Norton!
Microsoft Security Essentials was developed only for Microsoft Windows. No?
Apple needs to follow Microsoft's lead
They will
Sorry
You are correct on all counts. Apple does already have the mechanism in place in OS X, and it will undoubtedly be updated. Having said that, you are also correct that the reaction speed needs to be much improved.
There will be a lot of change at Apple, with Steve no longer there. On my personal wish list of changes is that the removal of his RDF will also lift the blinders from the reality that the world is NOT a safe place to be and that Apple can't afford to drag its corporate feet like this.