However, in the past week, it hit the News that 600,000 Macs -- mostly in the U.S. and Canada -- are infected with a trojan horse virus called "Flashback".
Flashback was originally discovered in September 2011 and was designed to disguise itself as an Adobe Flash Player installer, using Flash player logos. After installing Flashback, the malware seeks out use names and passwords that are stored on your Mac.
The resurgence of Flashback appears to take advantage or Java runtime for OS X. Apple issued a patch this week though it didn't mention Flashback by name. The patch is available for OS X 10.6 and 10.7 as well as for OS X Lion 2012-011.
"There are no visible symptoms for this Mac virus, except for making sporadic connections to unknown servers that can be only seen in the Firewall logs, if any firewall is in place," Boris Sharov, CEO of Doctor Web which originally found the virus, told Mashable. "The symptoms also depend on the payload that may be downloaded upon the command from the control server."
Although Sharov said it's difficult to prevent contracting the virus, it's not impossible.
"The bad thing about these types of infections is that it is hard to prevent them without disconnecting one's computer from the Internet all together. We advise Mac users to strictly follow Apple's security updates. Don't neglect them. Unfortunately, the number of infected computers are still increasing, which means that users are careless about security patches, and they shouldn't be."
Sharov also advised Mac users to install anti-virus software, even though many think it's unnecessary to do so for Apple computers.
Thanks to Mashable, there is an easy way to see if your Mac has been infected. They wrapped all the command line code into two AppleScripts. Why two? There are actually two areas of your hard drive that need to be checked for nasty files. These files simply run the terminal commands and let the users know if they have anything to worry about.
They aren't the most beautiful creations, but they do the job.
You can download the scripts here (hosted by CloudApp). After unzipping, simply double-click on the "trojan-check" and "trojan-check-2".
If either of the scripts report something other than "does not exist", go to F-Secure's website and follow their removal instructions.
Even if you aren't infected, make sure you install the latest Apple security update for Java to fix the vulnerability that allowed this nasty exploit to exist in the first place.
(Thanks to Mashable for the information)
No comments:
Post a Comment
Who does not love comments and reader participation? ;)