TMCnet Feature Free eNews Subscription
April 11, 2012

Apple to Release Free Antivirus Agent to Remove Flashback Malware

By David Gitonga, TMCnet Contributing Writer

Recent malware, which apparently infected over 600,000 Macs, has been publicly acknowledged by Apple and the company is taking steps to curb its spread.



Tuesday, Apple (News - Alert) said it plans to halt the malware campaign by releasing a free tool to help disinfect each infected machine. According to the company, “malicious software called Flashback exploits a security flaw in Java in order to install itself on Macs.” Apple’s software will be able to detect and eliminate the malware.

The Flashback malware has been around since September 2011, but the newest variant exploits the Java vulnerability that Oracle (News - Alert) patched in February. According to Apple, its own versions of Java for Mac OS X, which it maintains, have been safe since issuing an update on April 3. The updates, however, came a little too late since Oracle’s update, and by then Flashback had managed to insert itself onto 2 percent of all Macs and steal several types of person data.

The vulnerability was first made public by Dr. Web when they “sinkholed” the malware’s command-and-control (C&C) domains. They were then able to tally the number of infected computers communicating with the hijacked domains and gave a 600,000 estimate. Apple has since then been working with ISPs to disable Flashback’s C&C network, asking hosting firms to pull down C&C servers the malware uses from the Internet.

Kaspersky Labs has also released a free removal tool dubbed “Flashfake” to help detect and remove the malware. The Russian antivirus company has set up Web sites to help Mac users determine if they have the Flashback malware. In May 2011, Apple had to announce a similar tool to detect and remove the fake security MacDefender software. Although its 2 flavors of OS X, Lion and Leopard are safe, Apple says that those running older versions need to disable the Java browser plug-in and use the instructions on their support Web site for further treatment.




Edited by Braden Becker
» More TMCnet Feature Articles
Get stories like this delivered straight to your inbox. [Free eNews Subscription]
SHARE THIS ARTICLE

LATEST TMCNET ARTICLES

» More TMCnet Feature Articles