Mac Users! Beware Flashback OSX Trojan! 600,000 Macs are Infected!
By Michele Yamazaki on Apr 05, 2012 at 01:34 PM
This is a public service announcement for our customers and readers about the Flashback OSX trojan horse
Yes, you read that right! A virus on the Mac. The last time I remember a big virus was Melissa in 1999.
This is new Trojan Horse called Flashback. Last night my computer was acting up so I ran Disk First Aid, only to find that there was a strange mounted item that I did not have mounted - decryptedFile.dmg with the Adobe Flash Player installer. This is not really Adobe Flash Player Installer but a cleverly disguised virus.
Go launch Disk First Aid and see if it pops up for you. If it does, you are infected. Also, here is a script to check to see if you're infected.
This is scary stuff!
As CNET blogger Topher Kessler explains, simply visiting a malicious Web site containing Flashback on an OS X system with Java installed will result in one of two installation routes. The malware will request an administrator password, and if one is supplied, it will install its package of code into the Applications folder. If a password is not offered, the malware will install to the user accounts where it can run in a more global manner.
What I did was trash the file and then update my system software. There's a Java update/patch that you need. F-Secure has instructions on removial of the virus through Terminal.
Here are a few articles on it.
- Hackers hitting Macs with virus: industry experts
- Like the Titanic, Macs Aren’t Unsinkable: 600,000 Claimed Infected with Botnet Virus
- Apple releases Java Patch to thwart virus
- Half a Million Mac Computers Infected: How to Know If Yours Is Too
I will update this post when I learn more.