1

The Flashback Trojan has infected at least 600,000 Apple computers running Mac OS X according to the Russian AV company Dr Web which researched the spread of the malware which was originally discovered at the end of last year and for which Apple issued a security patch just this week.

You can determine if your Mac is one of the machines infected by the Flashback Trojan, which disguises itself as an Adobe Flash Player installer, by running the AppleScripts provided by Mashable in response to the Dr Web discovery and available for download here

Alternatively, you can run the following commands in the Mac OS X Terminal yourself, and get a sense of relief if all of them give the response "The domain/default pair of (...) does not exist" as that means there is no Flashback infection present on your computer.

defaults read ~/.MacOSX/environment DYLD_INSERT_LIBRARIES; defaults read /Applications/Safari.app/​Contents/Info LSEnvironment; defaults read /Applications/Firefox.app/​Contents/Info LSEnvironment

If your machine is infected, then F-Secure has published step-by-step instructions for removal which can be found here

flashbackDr Web reveals that most of the infected Macs, some 56%, are located in the United States and around 20% are in Canada. The UK accounts for roughly 13% of infections, and Australia 6%.

Meanwhile, F-Secure warns that upon execution the latest variations of the malware will "prompt the unsuspecting user for the administrator password. Whether or not the user inputs the administrator password, the malware will attempt to infect the system, though entering the password will affect how the infection is done."

If that infection is successful, the malware modifies webpage content displayed by the web browser client. F-Secure explains that "the specific webpages targeted and changes made are determined based on configuration information retrieved by the malware from a remote server."

Edited by happygeek: unstuck

As Editorial Director and Managing Analyst with IT Security Thing I am putting more than two decades of consulting experience into providing opinionated insight regarding the security threat landscape for IT security professionals. As an Editorial Fellow with Dennis Publishing, I bring more than two decades of writing experience across the technology industry into publications such as Alphr, IT Pro and (in good old fashioned print) PC Pro. I also write for SC Magazine UK and Infosecurity, as well as The Times and Sunday Times newspapers. Along the way I have been honoured with a Technology Journalist of the Year award, and three Information Security Journalist of the Year awards. Most humbling, though, was the Enigma Award for 'lifetime contribution to IT security journalism' bestowed on me in 2011.

2
Contributors
1
Reply
6
Views
5 Years
Discussion Span
Last Post by Danarchy
Have something to contribute to this discussion? Please be thoughtful, detailed and courteous, and be sure to adhere to our posting rules.