Flashback Saga Continues
Recent reports put the number of machines infected by the Flashback malware at 600,000+ With that being said, Apple has released an update for the vulnerable version of Java that was allowing such an easy exploit; install your patches folks. As Apple takes it upon themselves to make their own version of Java patches for their OS, this patch came out weeks after Oracle patched Java for Windows and other platforms.
One unique characteristic of this malware is that it actively searches for popular antivirus software for the Mac such as ClamXAV, Virus Barrier, and Avast!. If it finds any of the specified AV products, it deletes itself and is gone from your system. However, if you do not regulary run AV software on your Mac, you can find a full set of removal instructions over at F-secure's site here: http://www.f-secure.com/v-descs/trojan-downloader_osx_flashback_i.shtml
In addition to removal, you will find several more interesting pieces of info; including the fact that, during installation of the malware, it checks for Microsoft Word.app or the folders Office 2008 / Office 2011 and will, again, delete itself if they are found.
One unique characteristic of this malware is that it actively searches for popular antivirus software for the Mac such as ClamXAV, Virus Barrier, and Avast!. If it finds any of the specified AV products, it deletes itself and is gone from your system. However, if you do not regulary run AV software on your Mac, you can find a full set of removal instructions over at F-secure's site here: http://www.f-secure.com/v-descs/trojan-downloader_osx_flashback_i.shtml
In addition to removal, you will find several more interesting pieces of info; including the fact that, during installation of the malware, it checks for Microsoft Word.app or the folders Office 2008 / Office 2011 and will, again, delete itself if they are found.
Comments