FlashBack Trojan Horse has infected 600,000 Macintoshes worldwide.
Fortunately, that’s less than 2% of active Macs.
Every once in a while, a trojan horse (similar to a virus, but tricks the user into installing it, rather than installing itself) breaks through the Mac OS security and infects computers. This isn’t the first time, nor the last time. This particular piece of software uses a bug in Apple’s Java implementation that was recently patched. It then tricks the user into giving away their computer’s login and password by masquerading as Apple’s Software Update.
You are already immune if…
…you are up to date with your software
…haven’t run software update in the last week
…don’t have Java installed. (CrashPlan requires Java, so many of Evolve’s clients do have it installed)
Needless to say, there is a large percentage of Macs that are already immune. Expect Apple to update the antivirus profiles built into every version of Lion in then next day or so, rendering a even larger percentage immune. This summer’s release of Mountain Lion will make it even more difficult to release malware for the Mac.
Am I infected?
The problem at hand is knowing whether you are infected or not.
- If you are under a support contract with me, I will be checking your network to make sure that you are immune.
- If you are not under contact, but a regular client, please contact Evolve to schedule a check of your network.
- If you are not a regular client of Evolve, now is a great time become one.
- I have also created a tool that you can test whether you are infected or not. flashback test.app
What do I do if I am infected?
The instructions for removal are here (f-secure.com). If you need assistance in removal, contact Evolve.
Once installed, FlashBack will watch your network connections for usernames and passwords. Therefore, every account on every website will need to have their passwords reset. Also, any website that you use a standard password will need to be changed.
How do I protect myself in the future?
Do not assume that antivirus software would have prevented this. The 600,000 infections were before anyone reported the trojan horse at all. Apple is vigilent in making sure that the Mac OS is secure. Lion is much more secure than Snow Leopard. Mountain Lion will be much more secure than Lion.
The biggest way to be safe is to keep up to date with your software.