Security Experts:

Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Malware & Threats

Security Companies Release Freeware to Fight Mac Flashback Trojan

Security researchers at Kaspersky Lab and Intego have released free tools to help Mac users infected with the Flashback Trojan clean their computers.

Security researchers at Kaspersky Lab and Intego have released free tools to help Mac users infected with the Flashback Trojan clean their computers.

In the past few weeks, the number of Mac computers compromised by the malware has reached into the hundreds of thousands, with Kaspersky Lab’s estimate putting the number as high as 650,000 as of April 6. The number of bots then shrank to slightly more than 237,000 as of April 8, Kaspersky Lab found.

“Over the last few days our server has registered all the data sent by bots from the infected computers and recorded their UUIDs in a dedicated database,” Alexander Gostev, chief security expert at Kaspersky Lab, explained in a blog post. “Based on this information we have set up an online resource where all users of Mac OS X can check if their computer has been infected by Flashback.”

The company created the site Flashbackcheck.com for advice on how to determine if users are infected, and has posted the tool on its Securelist blog.

Intego has released freeware to address the problem as well.

“A number of web sites have been circulating information telling users how to find out if they are infected with the Flashback malware,” Intego noted in a blog post. “Since these instructions include a number of obscure commands to be run in Terminal, several developers have released free applications that users can run to check their Macs, without needing to know how to use Terminal.”

“Unfortunately, this information can be misleading, because the instructions that circulate discuss just one variant of the Flashback malware,” Intego continued. “There are some two dozen variants already, each of which puts files of different names in different locations; these instructions and applications will therefore not find any but the one specific variant that they target.”

Flashback was first observed last year propagating through a fake Adobe Flash Player installer. More recently, the malware has utilized a Java vulnerability to spread.

Written By

Click to comment

Expert Insights

Related Content

Malware & Threats

Microsoft plans to improve the protection of Office users by blocking XLL add-ins from the internet.

Cybercrime

CISA, NSA, and MS-ISAC issued an alert on the malicious use of RMM software to steal money from bank accounts.

Cybercrime

A recently disclosed vBulletin vulnerability, which had a zero-day status for roughly two days last week, was exploited in a hacker attack targeting the...

Cybercrime

Chinese threat actor DragonSpark has been using the SparkRAT open source backdoor in attacks targeting East Asian organizations.

Cyberwarfare

Russia-linked cyberespionage group APT29 has been observed using embassy-themed lures and the GraphicalNeutrino malware in recent attacks.

Cybercrime

No one combatting cybercrime knows everything, but everyone in the battle has some intelligence to contribute to the larger knowledge base.

Malware & Threats

Security researchers are warning of a new wave of malicious NPM and PyPI packages designed to steal user information and download additional payloads.

Cybercrime

The changing nature of what we still generally call ransomware will continue through 2023, driven by three primary conditions.