Mac Users! Beware Flashback OSX Trojan! 600,000 Macs are Infected!


By Michele Yamazaki on Apr 05, 2012 at 01:34 PM

This is a public service announcement for our customers and readers about the Flashback OSX trojan horse

Yes, you read that right! A virus on the Mac. The last time I remember a big virus was Melissa in 1999.

This is new Trojan Horse called Flashback. Last night my computer was acting up so I ran Disk First Aid, only to find that there was a strange mounted item that I did not have mounted - decryptedFile.dmg with the Adobe Flash Player installer. This is not really Adobe Flash Player Installer but a cleverly disguised virus. 

Go launch Disk First Aid and see if it pops up for you. If it does, you are infected. Also, here is a script to check to see if you're infected.

This is scary stuff! 

As CNET blogger Topher Kessler explains, simply visiting a malicious Web site containing Flashback on an OS X system with Java installed will result in one of two installation routes. The malware will request an administrator password, and if one is supplied, it will install its package of code into the Applications folder. If a password is not offered, the malware will install to the user accounts where it can run in a more global manner.

What I did was trash the file and then update my system software. There's a Java update/patch that you need. F-Secure has instructions on removial of the virus through Terminal.

Here are a few articles on it.

I will update this post when I learn more.

Posted in News and tagged mac(13), adobe(134)