Apple developing tool to detect and remove Flashback Trojan

Apple is developing a tool to detect and remove the Flashback Trojan that has infected over 600,000 Macs. In the meantime, here are some alternatives for both detecting and removing the malware.
Written by Emil Protalinski, Contributor

Two months ago, a new variant of the Flashback Trojan started exploiting a security hole in Java to silently infect Mac OS X machines. Last week, Russian antivirus company Dr. Web revealed that the Flashback Trojan botnet controls over 600,000 Macs. Today, Apple announced it is developing software that will detect and remove the Flashback malware.

Apple released a Java update that patches the security hole on April 3, but it was already too late by that point. News of the massive infection rate broke on April 4.

As such, the electronics giant is also working with ISPs around the world to take down computer servers hosted by the malware authors. In addition to the Java vulnerability, the Flashback malware relies on this command control network to perform many of its critical functions.

What if you can't wait for Apple to release its tool? There are a few things you can do.

First off, you can grab the new version of Java from Apple here: Java for Mac OS X 10.6 Update 7 and Java for OS X Lion 2012-001. If you're running Mac OS X v10.5 or earlier, your only option is to disable Java in your web browser(s) preferences: How to disable the Java web plug-in in Safari.

If you want to see if you have it, there are a few options. Dr. Web and Kaspersky have online tools to check if you have the Trojan. There's also a tool called FlashbackChecker available on GitHub.

If you know you have it and want to get rid of it, there are also a few options. F-Secure has instructions on how to remove the malware. CNET has a step-by-step guide for removing it. Last but certainly not least, the easiest way to get rid of it is to download and use the Kaspersky Flashfake Removal Tool.

See also:

Editorial standards