flashfake
Latest
Apple issues Leopard update with Flashback removal tool
Folks still rocking Apple's Leopard may have been feeling left out after Lion and Snow Leopard both got an update for addressing that Flashback malware. If you're one of them, you'll be glad to know that Apple has finally issued a Leopard fix that comes with a removal tool for the vulnerability afflicting its big cats. In addition to a 1.23MB Flashback update, Apple also released a second 1.11MB fix for Leopard that disables versions of Adobe Flash Player that don't have the requisite security updates. Both should further whittle down the number of Apple computers affected by the Flashback trojan. For the actual updates, feel free to pounce on the source links below.
Flashback malware removal tools released by security firms
While Apple has said it "is developing software that will detect and remove the Flashback malware" that has affected up to 600,000 Macs worldwide, it has yet to release any fix. In lieu of that a few security and antivirus firms have gone ahead and released their own Flashback removal tools. Kaspersky Lab, a Russian antivirus firm, has released the Flashfake Removal Tool. The firm asks that you first check here to see if your Mac is infected with Flashback. If your Mac is, then you can download Flashfake to rid your Mac of the malware. A second antivirus firm, F-Secure, has also released their own Flashback Removal Tool. Their tool works by creating "a log file (RemoveFlashback.log) on current user's Desktop. If any infections are found, they are quarantined into an encrypted ZIP file (flashback_quarantine.zip) to the current user's Home folder. The ZIP is encrypted with the password 'infected.'" Before Kasperky Lab's and F-Secure's removal tools, users had to manually remove the malware by using OS X's Terminal, which some might have found confusing. There's no word from Apple yet on when their own removal tool will become available.
Apple publishes support page for Flashback malware, is working on a fix
After the Flashback / Flashfake Mac trojan was exposed by Russian site Dr. Web, Apple has finally responded by publishing a support page about the issue and promising a fix. If you haven't heard by now, the malware exploits a flaw in the Java Virtual Machine, which Oracle pushed a fix for back in February, but Apple didn't patch until a botnet consisting of as many as 650,000 Macs was identified on March 4th. Antivirus maker Kaspersky has confirmed the earlier findings, and released a free tool affected users can run to remove the trojan from their computers. Other than the update already delivered for computers running OS 10.6 and 10.7 Apple recommends users on 10.5 and earlier disable Java in their browser preferences. What isn't mentioned however, is when its fix is incoming or any timetable on its efforts with international ISPs to cut off the IP addresses used by the network. This is not the first time Macs have fallen prey to malware and as their market share grows will likely not be the last, so don't think just opting for OS X is automatically keeping you a step ahead security-wise. Check the links below for more information about what the malware does, and how to get rid of it.
