It was a bad news for many Mac users. Number of infected users had already crossed seventy thousand mark, which means that about 1 in every 100 Macs were infected with Trojans. This article solely speaks about this issue and how to face it. Let’s look at its history. It took the advantage of a java based vulnerability simulating, an adobe flash update. It is named as flashback and even known as Flashfake. Visiting the number of compromised websites will infect the mac with these Trojans. Flashback makes an attempt of installing a payload which surely leads to the download, and the installation of malicious code.
Since 1982, the apple vulnerability had started when PC viruses were predated by a small virus known as “Elk Cloner”. The threats by Autostart 9085 and Sevendust was the beginning of the modern era. It was since 2004 when the Operating System X was suffered from several threats and cyber attacks from the most dangerous being the Leap-A, MacSweeper and the recent ones are the MacDefender outbreaks.
The issue of mac being vulnerable is really a controversial issue. It is also being pointed towards the Macs small market share to argue that the hackers are least interested in the mac computers which are used by less than 6% worldwide. The java developer Oracle in early 2012 had detected the threats of the Trojans to macs. This is all about history. The following part shows of how to check whether the macs are really affected by the Trojans.
How to check the Flashback infection in the Mac:
Kaspersky Labs is one of the antivirus companies that has come up with an online web app to check the Mac for infections from Flashback. It should be noted that this method requires user to enter “Hardware UUID” which is the Universally Unique Identifier. Kaspersky is the most secured web company and can completely be relied upon. But, if still there is an uneasiness in entering such personal details, then there are always manual methods:
Step 1: Click on Utilities, then click on Applications and Terminal.
Step 2: type the following or copy and paste them:
- defaults read /Applications/Safari.app/Contents/Info LSEnvironment
- defaults read /Applications/Firefox.app/Contents/Info LSEnvironment
- defaults read ~/.MacOSX/environment DYLD INSERT LIBRARIES
Step 3: Click Enter. If message is shown that such a path does not exist, then the Mac is free from infection, but if a message is shown, then there is a Flashback infection.
How to remove the Flashback Trojan: Kaspersky again comes to the rescue with the Flashback/Flashfake removal tool. This removes Trojan and makes system safe. The latest OS X patch from Apple must be installed and computer and it should be operated using more vigilant methods.