Reviews and How To's

 This article come from Maclife.com:

jrbookwalter's picture
 

Trojan horseIt was inevitable, really — the increasing popularity of Apple mobile products has driven more and more PC users over to the Mac, and like that innocent little puppy you brought home from the pound, them dog’s got fleas… or in this case, a new Mac trojan known as Flashback.

F-Secure has sounded the alarm for Mac users this week, noting that upwards of 600,000 users may be afflicted by a trojan downloader known as “OSX/Flashback.I” (but you can call it Flashback). But before you run through the streets proclaiming the end of the world is nigh, read on for instructions on how to find out if you’ve got it and what to do about it.

“Trojan-Downloader:OSX/Flashback.I connects to a remote site to download its payload; on successful infection, the malware modifies targeted webpages displayed in the web browser,” explains F-Secure on their website.

Unfortunately, for the moment the only solution is to head into Terminal and copy and paste a few commands — so the process is recommended only for advanced users. If you’re comfortable with that, head to Applications > Utilities, launch Terminal and dig in — here’s how to quickly find out if you’ve got Flashback:

1. Run the following command in Terminal:

defaults read /Applications/Safari.app/Contents/Info LSEnvironment

2. Take note of the value, DYLD_INSERT_LIBRARIES

3. Proceed to step 8 if you got the following error message:
“The domain/default pair of (/Applications/Safari.app/Contents/Info, LSEnvironment) does not exist”

[STEPS 4 THROUGH 7 OMITTED]

8. Run the following command in Terminal:

defaults read ~/.MacOSX/environment DYLD_INSERT_LIBRARIES

9. Take note of the result. Your system is already clean of this variant if you got an error message similar to the following:
“The domain/default pair of (/Users/joe/.MacOSX/environment, DYLD_INSERT_LIBRARIES) does not exist”

If your results show anything other than “does not exist,” we recommend hitting the F-Secure website and following the full instructions to eradicate the Flashback trojan. You can bet that Apple will be patching this Java vulnerability in a forthcoming update, but for now it’s better to be safe than sorry. Let’s be careful out there!

http://www.maclife.com/article/news/600000_mac_users_afflicted_flashback_trojan_are_you_one_them

Follow this article’s author, J.R. Bookwalter on Twitter

Advertisements

Comments on: "600,000 Mac Users Afflicted with Flashback Trojan — Are You One of Them?" (1)

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

Tag Cloud

%d bloggers like this: