This week all Apple fans who claimed that Mac is more secure than any other OS got really disappointed because F-Secure announced that over half a million Mac computers were infected with Flashback Trojan (Trojan-Downloader:OSX/Flashback.I). This Trojan is rated as dangerous because it modifies your target website and steals your passwords along with credit card numbers and other personal information. There is no information how many passwords were stolen and how they were used but one is sure that you have to check your computer and remove this Trojan as soon as possible.
How I got flashback Trojan on my Mac?
It was distributed through websites that offer some content, most likely a video, and to view it require downloading Adobe flash player. It wasn’t a real flash player but it was designed to look like one so user got fooled. This Trojan installs just like regular browser plugin and users didn’t notice anything unusual. Users were tricked that it’s Adobe’s flash player installation but the Trojan itself is Java based application.
How to find and get rid of flashback Trojan?
F-Secure were one of the first who come up with the proper solution that allows detect and remove this Trojan. It will also get rid of malware that were downloaded while Trojan was present in your computer. Of course it won’t send back your stolen passwords with apologies, so if this tool detects Trojan then change all your passwords immediately.
This F-Secure’s Trojan removal is available for free and you can download it here. It’s very simple tool and runs with barely any input needed by user. Simply launch application and it will almost instantly show if your computer were infected and what action it took to remove it. My Mac were not infected so I don’t know how long will it take to remove tis Trojan but should be few seconds as it’s just a small file.
Most infected Mac computers had Mac OS X 10.5 or earlier version and based on statistics it’s around 20 % of the whole Mac users. So no matter what MAC OS X version you have I strongly recommend to check your computer as it will take no more than few minutes.
This case again shows that there are no bullet and/or fool proof operation systems and every system has it weak point so it’s better to check twice that plugins and apps you download and install to avoid lost passwords or even credit card information.
Update (1): Kaspersky also announced Flashback Removal Tool to identify and disinfect the Mac OS X Flashback/Flashfake Malware. Kaspersky also claims that FlashfakeBotnet were installed on 670,000 Mac computers.