Protecting Your Mac Against a Flashback Trojan Infection

 

The Parallels Desktop 7 and Kaspersky Anti-Virus for Mac bundle couldn’t have come at a better time. It’s all over the news, Macs are no longer impervious to the almighty malware. As reported last May by PCMag author Neil Rubenking, it was only a matter of time before Mac users would encounter the same security issues as those on a PC:

 

“Given that PCs are a vastly greater segment of the market, it's cost-effective for the bad guys to concentrate on PC attacks. And yes, it's true that Apple's operating system is tougher to crack than Windows. But the days of Mac complacency may be ending.” (PCMag)

 

On April 4th, Rubenking’s projection came to fruition when Russian antivirus vendor, Dr. Web, published an article stating that the Trojan horse BackDoor.Flashback had infected more than 550,000 OS X machines, most of which reside in the United States in Canada. Since the initial posting by Dr. Web, this number has climbed to upwards of 650,000 Macs, or roughly 1% of the entire Mac population. In summary, MacWorld's Rich Mogull said it best when he stated that the Flashback Trojan, "could be the single most significant malware infection to ever hit the Mac community” (MacWorld). 

 

The worldwide distribution of Flashback infections on 4/4 (Dr. Web)

 

What You Need To Know:


What is Flashback? “Flashback is the name for a malicious software program discovered in September 2011 that tried to trick users into installing it by masquerading as an installer for Adobe Flash. (Antivirus vendor Intego believes Flashback was created by the same people behind the MacDefender attack that hit last year.) While the original version of Flashback and its initial variants relied on users to install them, this new form is what’s called in the security business a drive-by download: Rather than needing a user to install it, Flashback uses an unpatched Java vulnerability to install itself.” (MacWorld)

 

Am I at risk? “In OS X 10.7 Lion, Java isn't included by default; only those who have deliberately installed it are potentially vulnerable to this exploit (or those running Snow Leopard or earlier OS X versions). If you installed it at some point but no longer have a reason to run Java, you should probably turn it off completely or at a minimum disable it in Safari.” (TUAW)

 

How can Flashback Infect my Mac? “If you visit a malicious (or unwillingly infected) website hosting Flashback, the program attempts to display a specially crafted Java applet. (We don’t yet know how many websites host Flashback.) If you have a vulnerable version of Java installed and enabled in your Web browser, the malicious code will infect your system and then install a series of components. Since Apple did not release an update for that vulnerable version of Java until April 3rd, many users were and are still susceptible." (MacWorld

 

How to Check for and Remove Flashback:

Antivirus computer security company Kaspersky Lab has created an online tool making scanning and removing the Flashback Trojan easy. Simply visit the Kaspersky Virus Fighting Utilities page and download/run the “Flashfake Removal Tool” which will automatically scan your computer and remove the malware if it is detected. If you don't wish to download the removal tool, you can also visit, http://flashbackcheck.com/, and follow the 3 simple steps to scan your Mac. 

 

Kaspersky has made checking for AND removing Flashback Trojan horse easy

 

Am I Now Safe Since Flashback Can Be Removed?

As stated by CNet, “In a word, no. The Flashback authors have already shown themselves inclined to keep altering the malware to sidestep new security fixes.”


In a recent ZDNet poll asking, “Has the Flashback Trojan made you consider installing antivirus on your Mac?”, 73% of voters responded that they have either already installed, or will consider installing antivirus software on their Mac. Currently you can purchase the full version of Parallels Desktop 7 and Kaspersky Anti-Virus for Mac for $79.99 (33% off the regular price of $119.99), or upgrate to Parallels Desktop 7 with Kaspersky Anti-Virus for Mac for $59.99 (33% off the regular price of $89.99) to help ensure your Mac’s safety.

 

The results are in and voters say antivirus is definitely the way to go on a Mac. (ZDNet)

 

How To Protect Yourself:

Here are some quick tips from experts around the net to help protect your Mac going forward.

 

1) “Bite the bullet and install antivirus software” (ZDNet)

 -    Hughes of ZDNet has supported Mac owners utilizing antivirus software since last May


2) On a Mac, immediately uncheck Safari's 'Open 'safe' files after downloading' option in the General pane of its Preferences. (Computerworld)

 

3) Download any software only from trusted sources (CNet)

 

4) Never click on a link an an email from an unknown party (Computerworld)

 

5) Never install/double-click on an unknown/unrequested or otherwise unverified installation file (Computerworld)

 

6) Never click in an image if you don't know where it came from (Computerworld)

 

7) Never, ever hand over your personal details into any application, website, or in response to any email unless you are completely and utterly certain you know and trust where it is from. (Computerworld)