Thread: 600,000 Macs Contract Malware

  1. #1
    Join Date
    Mar 2006
    Location
    I-DUH-ho
    Posts
    3,579

    Default 600,000 Macs Contract Malware

    Okay Mac users,..... you're not safe.

    http://elink.thedailybeast.com/f64p....dzfEKb6drBe3e7

    600,000 Macs Contract Malware

    You might need to think twice about what the guys at the Apple store told you about Macs being impenetrable. More than 600,000 Apple computers have installed malware known as the Flashback Trojan, a Russian antivirus company said Thursday. The trojan first appeared last September, presenting itself as an Adobe Flash update. It disables certain Mac security features, enabling criminal hackers to control the machine. Apple has released a security update to guard against the malware, but users who haven't installed it remain exposed.

    Read it at BBC News
    Say what you mean. Mean what you say. But don't say it mean.

  2. #2
    Join Date
    Mar 2006
    Location
    I-DUH-ho
    Posts
    3,579

    Default How to Find Out If Your Mac Was Infected by the Flashback Trojan in One Click

    http://lifehacker.com/5900434/how-to...n-in-one-click



    How to Find Out If Your Mac Was Infected by the Flashback Trojan in One Click

    Last week, over 600,000 Macs were infected with a new trojan called the Flashback trojan, and even if you've updated your software, you could still be infected. Here's an app that will check your computer for the trojan, and how to remove it if you find you're infected.

    Nearly 2% of owners who checked their computers using Russian antivirus web tool Dr. Web found that their computers were infected, so if you haven't checked yet, now's the time. Previously, you had to enter a few terminal commands to search for the trojan on your system, but now there's a much simpler way: just download the FlashbackChecker app and run it on your system. It will automatically search your computer for signs of the Flashback trojan and let you know if you're safe. If you're rather tech savvy, you've probably already checked your computer using the aforementioned commands—but this is a great app to send to less tech-savvy family members that might not know if they've been infected.

    Note that FlashbackChecker can't actually remove the trojan, it can only detect it. So, if you or a family member does find it on their machine, you'll have to go back and run those original terminal commands to determine exactly what you need to remove. Check out F-Secure's instructions for removing the trojan for more info, as the commands are a bit more involved. And, as always, make sure you run Software Update from the Apple menu to make sure you can't get this trojan in the future.
    Say what you mean. Mean what you say. But don't say it mean.

  3. #3
    Join Date
    Mar 2006
    Location
    The Champlain Valley of Vermont.
    Posts
    2,122

    Default To all the MAC users who thought they were immune....

    I hate to say it...

    Wait.. I frickin LOVE sayin it..

    I told ya so!
    This Train Still Runs!

  4. #4
    Join Date
    Mar 2006
    Location
    I-DUH-ho
    Posts
    3,579

    Default And yet another report

    Quote: Originally posted by Amy in Vermont
    I hate to say it...

    Wait.. I frickin LOVE sayin it..

    I told ya so!
    This time the report is from Sophos. Sophos is one of the -leading- anti-nasty warriors in cyberspace and they've been that way for a -long- time.

    http://www.afterdawn.com/news/articl...spread_malware

    Macs hit with another widespread malware

    Security firm Sophos has announced today the discovery of another widespread malware attacking Mac computers.


    Dubbed "Sabpab," the threat uses the same Java vulnerability that the Flashback botnet exploited last month in creating 650,000 Mac zombies.

    Sophos says you can check to see if you have been infected by searching for the following files:

    /Library/Preferences/com.apple.PubSabAgent.pfile

    /Library/LaunchAgents/com.apple.PubSabAGent.plist
    Sabpab has been described as a "basic backdoor Trojan horse" which allows control servers to execute commands remotely on infected Macs.

    Apple has already patched the vulnerability and the new trojan is not as widespread as Flashback was, but still remains a threat if you have not updated.

    (my comment) Makes one re-evaluate the validity of the commercial below.

    Say what you mean. Mean what you say. But don't say it mean.
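
Added example, not part of the original posts or of Sophos's advisory: a shell function that looks for the two Sabpab file names quoted in post #4, either on a live Mac (`scan_sabpab /`) or on a mounted copy of its disk. The two indicator paths come from the post; checking each user's `Library` as well as the system one, and matching names case-insensitively (a copied disk mounted on a case-sensitive filesystem will not match the mixed-case names otherwise), are assumptions of this example.

```shell
#!/bin/sh
# Added example: triage for the two Sabpab file indicators quoted in post #4.
# The indicator paths are copied from the post; the rest is assumption.

# Paths relative to a Library directory, as listed in the post.
SABPAB_IOCS="Preferences/com.apple.PubSabAgent.pfile
LaunchAgents/com.apple.PubSabAGent.plist"

# scan_sabpab ROOT
#   ROOT is "/" on a live Mac, or the mount point of a disk copy.
#   Prints "FOUND <path>" for every hit.
#   Returns 0 if at least one indicator file exists, 1 if none do.
scan_sabpab() {
    root="${1%/}"      # "/" becomes "", so "$root/Library" is "/Library"
    found=1
    # System-wide Library first, then every user's Library
    # (the per-user locations are an assumption, not from the post).
    for lib in "$root/Library" "$root"/Users/*/Library; do
        [ -d "$lib" ] || continue
        for ioc in $SABPAB_IOCS; do
            dir="$lib/${ioc%/*}"
            [ -d "$dir" ] || continue
            # -iname: HFS+ is normally case-insensitive, but a forensic
            # mount may not be, and the post's own spelling mixes case.
            hits=$(find "$dir" -maxdepth 1 -type f -iname "${ioc##*/}" 2>/dev/null)
            if [ -n "$hits" ]; then
                printf '%s\n' "$hits" | sed 's/^/FOUND /'
                found=0
            fi
        done
    done
    return "$found"
}
```

A clean result only means these two files are absent; it says nothing about Flashback, which the posts above cover separately.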

  5. #5
    Join Date
    Mar 2006
    Location
    I-DUH-ho
    Posts
    3,579

    Default Flashback malware removal tool roundup

    http://reviews.cnet.com/8301-13727_7...-tool-roundup/

    Flashback malware removal tool roundup

    In the past week, a number of reputable companies have released tools to automatically remove the Flashback malware from OS X systems.


    The Apple community is tackling the Flashback malware threat for OS X. Despite these efforts, the malware is still out there with the potential to infect unpatched Mac systems or even those that are patched, but for which the user fell for the fake Flash updater traps used by earlier variants of the malware.

    You can check for the presence of the malware using our instructions or others, or use automated online options such as Dr. Web's checker to determine if your system may be compromised. So far, a number of tools have been released by some reputable security firms that will detect and remove this threat from OS X systems.

    F-Secure Flashback Remover
    The first of these tools is F-Secure's Flashback remover, which will extract known variants of the malware from its location within applications and user accounts, and save them in a benign zip file, which can then be destroyed or sent in for analysis.

    Kaspersky Flashfake removal tool
    The second such tool is from Kaspersky labs and is called the Flashfake removal tool. This tool runs a number of Unix commands within an AppleScript that will remove any known malware and notify you of the results. Unlike F-Secure's option, it will just remove the malware and not quarantine it.

    Symantec Flashback Remover
    Symantec was the third to release its Flashback removal option, which it has supplied as a shell script and Ruby script combination. Unlike those from Kaspersky and F-Secure, Symantec's solution runs within the OS X terminal but launches by double-clicking the script file located within the downloaded disk image.

    Apple MRT tool
    Apple followed an announcement of its own Flashback removal tool (available via Software Update) with the release of one that accompanies yet another update to the Java runtime for both OS X 10.6 and 10.7. This tool is reminiscent of the tool Apple released to remove the MacDefender malware, and is a native Cocoa application instead of being a script-based tool as is the case with other options. The program will run when the Java update is applied, and will remove the malware and upload the results to Apple's servers, followed by deleting itself from the system.

    Apple today released a separate stand-alone version of its MRT utility; however, it is only for OS X Lion users who do not have Java installed on their systems. This appears to be an effort to help detect earlier variants of the malware that these users might have encountered. So far there is no such option from Apple for other versions of its Mac operating system.

    Note that these tools are not full antivirus scanners, and instead are simple run-once scripts programs that are intended to quickly clear the problem instead of providing ongoing protection.

    While Apple's malware tool is a good sign to see from the company, unfortunately it will only work on systems running OS X 10.6 or later, since Apple has stopped supporting prior versions of OS X. Therefore, if you are running an older version of the Mac operating system, then be sure to use one of the first three tools to check your system, or follow our instructions for manually running the commands necessary to check for and remove the malware.
    Say what you mean. Mean what you say. But don't say it mean.
