Apple is currently developing software that will be able to detect and remove the Flashback Trojan from infected systems. More than 650,000 Mac users are infected with the malware. Yesterday it was Kaspersky that released its own Flashback Trojan removal tool.
The company is working hard to release software that will put a stop to the flashback-malware, this information can be found on the support page regarding the malware. The company hasn’t announced when the removal tool will be available, although it is likely that it will be released in the coming days. Meanwhile security company Kaspersky already released their own tool that removes malicious software from infected systems. The malware can also be removed manually with the following tutorial here, but it will require some experience with Terminal commands.
Apple announced that it is currently also working together with ISP’s to bring down the management servers that are currently in the hands of cyber criminals. These measures yielded some criticism; DrWeb says that Apple simply doesn’t communicate with anti-virus companies about the Flashback Trojan. The company had tried to bring down a sinkhole-domain, which is an administration server in the hands of benign parties; DrWeb is currently managing a sinkhole-domain that is used to analyze the botnet traffic.
The Flashback Trojan was discovered in September last year and has since then created more than 650,000 Mac-bots. The Trojan is exploiting vulnerabilities that are present in earlier versions of Java, Mac’s are directly infected by visiting a website with malicious content. Although users were asked to enter an admin password, the Trojan installed itself anyway. Oracle, the developer of Java, already patched the vulnerability in February, but Apple waited until last week to release two fixes.