Free Tool Detects Flashback Mac Malware

Author: Category: Greg's Blog

A Mac developer has posted a tool that detects a Flashback malware infection on Apple’s computers.

The tiny tool — it’s just a 38KB download — was created by Juan Leon, a software engineer at Garmin International, the Kansas-based company best known for its GPS devices.

Ars Technica first reported on Leon’s FlashBack Checker.

The tool spots the malware by automating a tedious process first described by security firm F-Securelast month. F-Secure’s procedure required entering multiple commands in Terminal, the Mac OS X command line utility.

When Flashback Checker is run, it displays “No signs of infection were found” or provides additional information if it does detect changes the malware has made to the Mac.

Unlucky users can scrub Flashback from their machines using commercial security software — both French vendor Intego and Finland’s F-Secure offer free 30-day trials to their Mac antivirus products — or use the complex instructions posted by the latterhere.

According to Dr. Web, the Russian security company that was the first firm to quantify Flashback infections, nearly 2% of all Macshave been hit by the malware.

Dr. Web used a different technique to detect Flashback than Leon. Rather than examine the Mac itself, Dr. Web’s tool compares the UUID (universally unique identifiers) of a machine to the list of UUIDs of infected Macs it compiled after commandeering a hacker command-and-control (CC) server.

Flashback has been in circulation since last September, but only in the last several weeks has the malware been installed silently via “drive-by” attacks that rely on exploiting a just-patched vulnerability in Oracle’s Java.

Apple quashed the Java bug on April 3, or seven weeksafterOracle had patched the vulnerability for Windows and Linux users.

Flashback Checker had been downloaded nearly 36,000 times from the github source code repository as of 4 p.m. ET Monday.

Gregg Keizer covers Microsoft, security issues, Apple, Web browsers and general technology breaking news forComputerworld. Follow Gregg on Twitter atTwitter@gkeizer, onGoogle+or subscribe to Gregg’s RSS feedKeizer RSS. His email address is gkeizer@computerworld.com.


For more enterprise computing news, visit Computerworld. Story copyright © 2011 Computerworld Inc. All rights reserved.

Would you recommend this story?

YES
NO

  • Recommend:
  • 0 Comments
  • Print

Free Tool Detects Flashback Mac Malware, Blog, malware, Free, tool, Detects, Flashback
Leave a commentSubmit Comment

Once you click submit you will be asked to sign in or register an account if you are not already a member.

Posting comment …



Trade in your old printer save! A new Xerox ColorQube® can increase print quality and reduce costs. Start saving today.

Article source: http://www.pcworld.com/article/253499/free_tool_detects_flashback_mac_malware.html

View full post on National Cyber Security » Virus/Malware/Worms