Menu

Technology

Apple plans software to rid 650,000 Macs of Flashback virus

mac lion cracked malware

Image composite by SecurityNewsDaily

Think your Apple computer is immune? Think different.

A nasty bit of malware called Flashback has infected approximately 600,000 Macintosh computers worldwide through a Java security flaw, according to a Russian security firm -- and Apple itself is hard at work on a fix, the company said Tuesday.

“Apple is developing software that will detect and remove the Flashback malware,” the company wrote in a support document on its site addressing the Flashback malware.

“Apple released a Java update on April 3, 2012 that fixes the Java security flaw for systems running OS X v10.7 and Mac OS X v10.6” -- the most recent versions of the operating system, the company noted. But software will still be required to remove Flashback from systems that are already infected.

SUMMARY

BIG MAC ATTACK: Malware called BackDoor.Flashback.39 has infected over 650,000 computers running Mac OSX, according to Russian security firm Dr. Web. 

Apr. 10, 2012: the total number of computers infected exceeded 650,000. Apple says it plans removal software.

Apr. 6, 2012: Apple releases second update to fix security holes.

Apr. 4, 2012: Dr. Web issues press release on Flashback malware epidemic; Apple update iApple Java to fix holes.

Mar. 25, 2012: The first Flashback botnet domains are registered.

There are several ways to remove the malware already, however, including antivirus programs and software by security firm F-Secure specifically written to remove the virus.

“In addition to the Java vulnerability, the Flashback malware relies on computer servers hosted by the malware authors to perform many of its critical functions. Apple is working with ISPs worldwide to disable this command and control network,” the company wrote.

Meanwhile, as Apple fought to control the spread of the virus it appears to have inadvertently shut down a website used by the company that discovered the Flashback epidemic.

Boris Sharov, head of Russian firm Dr. Web that initially reported to massive malware, told Forbes recently that Apple had asked a Russian Internet registrar to shut down one of its domains.

“They told the registrar this [domain] is involved in a malicious scheme,” Sharov told Forbes. “Which would be true if we weren’t the ones controlling it and not doing any harm to users.”

“This seems to mean that Apple is not considering our work as a help. It’s just annoying them,” he said.

Sharov said he believed Apple did not mean any harm with its actions.