Copy
Newsflash: Flashback Trojan Horse in the wild
MacAtoZ LLC
April 2012 MSS Newsflash

'Flashback' Trojan Horse in the wild—what to do

Macintosh computers 

susceptible; block available by running Software Update. A Trojan Horse—a bit of bad computer code that pretends to be something else—is infecting a few Macs. This is different from a virus which spreads from computer to computer. I saw an infected Mac up in Portland yesterday via remote support. I don't think Flashback terrifically common, but let's keep it from becoming so. Here's what you should do:

  1. Go to the Apple Menu and choose Software Update.... Install all available updates, especially those that relate to "Java" (which is how Flashback works). After you run these updates, your Mac running Mac OS X 10.6 or 10.7 cannot be infected by Flashback.
  2. If you're afraid that your Mac may have already been hit by Flashback, download and run Test4Flashback. This will tell you if your Mac is infected or not. If your Mac is clean and you've applied the Software Updates in Step 1, you have nothing more to worry about. 
  3. If Test4Flashback indicates that your Mac is infected, please call (503-507-0410) or email (tydavison@macatoz.com) at your earliest convenience. Removing the Flashback Trojan involves working in the Terminal, and unless you know what you're doing, you could do more harm than good. MacAtoZ can solve this problem via Mac HelpMate remote support. You won't need to bring your Mac to me or schedule an on-site visit. You should not lose any data.
Flashback does not involve iOS. iPhones, iPads, etc. are not impacted by this. 

If your Mac is running an earlier operating system (Mac OS X 10.4 or 10.5), you will need to go to your web browser's preferences and turn off Java to avoid infection. This may cause some web browsing features not to work, depending on the site, but there is presently no other way I know of to block infection for those systems. 

A little bit more about Flashback

What is it? How does it work? What now? Flashback is a Java-based Trojan Horse. It uses the Java programming language to install itself and to do things on your Mac without your permission (or, likely, awareness). Apple has depreciated Java—it's not even installed with Mac OS X 10.7 Lion unless you specifically choose to install it. Unfortunately, a lot of web sites and programs use Java, so a lot of Mac users (me too) have Java installed. 

The real genius of Flashback is that it can be tied to web sites that use Java—again, there are lots of those—and infect your Mac without intervention from you, and you may not even know that your Mac has been infected. On the Mac I saw in Portland, the evidence of a problem was that older, PowerPC software was crashing. But you may not notice anything is wrong. It's insidious

The good news is that, as outlined above, it's a relatively simple matter to test for infection and protect against it going forward. (And if your Mac is infected, it's a technically-complicated but not impossible, fix.) Should you load your Mac with anti-virus software on the basis of this? I don't think it's essential. First, I've seen far more problems with antivirus software than I have with malware on the Mac. Second, I think it's telling that Flashback uses a technology that Apple doesn't even ship by default anymore. 

Nonetheless, if you want to have antivirus, a free virus scanner called ClamXav is available from the Mac App Store. (Odds are good that what you'll find when you use it is that you've received emails loaded with PC viruses; those are incredibly common, and though they don't impact Macs, we can spread them Typhoid Mary-like to PCs.) If that provides you with peace of mind, use it. By and large, I continue to think there's not a lot to worry about so long as you keep your Mac software up to date. 
Apple Consultants Network
I am Ty Davison, the only Apple-certified, Apple Consultants Network member in Oregon's mid-Willamette Valley.

My company, MacAtoZ LLC, provides technical support, upgrade, installation, networking, training and tutoring, web design and hosting, and remote support services for Apple products like Macintosh computers, iPhones, iPods, and iPads. 

I've been providing computer services for clients in the Salem area since 1999. I am certified by Apple and I carry $1 million in business liability insurance. I am a frequent and well-known presenter (and former Board Member) of the Salem Macintosh Users Group (SMUG). You can count on me and my company.

At $96 an hour, MacAtoZ offers one of the lowest certified on-site rates in Oregon. Our innovative remote support program, the MacAtoZ Service Suite (MSS), also provides a wide-range of features at incredibly low-prices.

If you're looking to save money on Apple and Apple-related products, check out our MacAtoZ Online Store. (If you're looking for computer memory, we sell that directly.)


MSS

Quick Links

MacAtoZ LLC: The main company web site. You can find information about products and services as well as advice here. 

MacAtoZ Online Store: Get recommendations on various Apple-related products. Ordering and order fulfillment by Amazon.com. 

MacAtoZ Support: Download the latest version of Mac HelpMate here.

MacAtoZ App Discovery: Recommendations on iPhone, iPod Touch, and iPad software. Ordering and order fulfillment by Apple. 

Salem Mac Users Group: Salem, Oregon-area Macintosh and Apple gear enthusiasts. Meets monthly. Visitors welcome!

Apple Consultants Network: If you need help, entrust your computer and your data to professionals. 
© 2012 by MacAtoZ LLC. All rights reserved.
Email Marketing Powered by Mailchimp