Flashback Trojan: Check If You’re Infected and What to Do About It
Flashback was originally discovered in September 2011 and was designed to disguise itself as an Adobe Flash Player installer, using Flash player logos. After installing Flashback, the malware seeks out user names and passwords that are stored on your Mac.
There are no visible symptoms for this Mac virus, except for making sporadic connections to unknown servers that can be only seen in the Firewall logs, if any firewall is in place. The symptoms also depend on the payload that may be downloaded upon the command from the control server.
It is really difficult to prevent contracting the virus, but it’s not impossible.
The bad thing about these types of infections is that it is hard to prevent them without disconnecting one’s computer from the Internet. We advise Mac users to strictly follow Apple’s security updates. Don’t neglect them.
To protect your computer from contracting the virus now, download Apple’s latest software update. Click the Apple logo located in the top-left section of the desktop and select Software Update. Install all of the available updates as soon as possible.
So how you can check your system whether it was infected by the virus or not?
Although symptoms are minimal, there are a few things you can do to see if you are infected.
Go to the Mac’s Library folder and select LaunchAgents. There should be several files in that catalog.
Search all files in the folder for the following contents:
Mac Flashback HTML Code
Look for the file name specified in the ProgramArguments key. This is where the file BackDoor.Flashback.39 would be located. If the file is empty, it means that none of your programs are meant to start automatically. It also means that you are not infected.
To see if this is the trojan, scan it with anti-virus software for Mac OS or upload it to VirusTotal website.
To cure the machine, delete both files.
Removing the files should restore your computer.
Instead of following those steps, you could also run a scan by downloading the free Dr. Web Light from the Apple App Store
Even if you aren’t infected, make sure you install the latest Apple security update for Java to fix the vulnerability that allowed this nasty exploit to exist in the first place..
The security update URL:
Flashback Trojan – more info
Flashback Trojan infected 600 000+ Macs
Silicone girl from Sweden
St. Petersburg girl pumped the biggest mouth in the world
Megaupload.com – the latest news
MegaUpload Founder Claims He’s ‘Evil,’ ‘Guilty,’ And ‘God’ On His License Plates
Kim Dotcom – Bio.
Megaupload - cost copyright holders at least $500 million.