What is the Flashback Virus, and how can it be removed?
In early April, a Russian security company reported that as many as 600,000 Macintosh computers were infected with the so-called "Flashback" Trojan Horse virus, which originally appeared in the wild in 2011. The virus, OSX.Flashback, initially disguising itself as an Adobe Flash Player installer, allows an attacker to secretly obtain remote access to the system by exploiting a current Java vulnerability (BID 52161.)
On its blog, US security group Symantec writes, "Malware authors have targeted the Mac OS for quite some time; however, the recent OSX.Flashback.K infections indicate a very significant shift to the current threat landscape, which is dominated by malware on the Windows operating system,"
In the same article, dated April 12, 2012, Symantec estimates the number of Macs still infected to be 270,000, less than half the number reported earlier in the month. This reduction is most likely due to a software update released by Apple that updated the Java-based platform that "removes the most common variants." Besides this patch, there are several steps that can be taken to prevent the virus or remove it from an already infected system.
To find out if your system is infected, navigate to the following site: http://flashbackcheck.com/.
Recommended prevention/removal action:
1. Fully update your Macintosh operating system. 2. Fully update your Java Platform installation. 3. If infected, run Symantec-developed removal tool for OSX.Flashback.K. a. http://us.norton.com/mac-flashback/promo
By Daniel Bruhn
|