by Randy B. Singer (see attribution at bottom)
There are a couple of new Trojan Horses going around that are quite nasty. The one that is receiving the most press is called Flashback.
Article: Mac Flashback Trojan: Find Out If You’re One of the 600,000 Infected <http://gizmodo.com/5899352/mac-flashback-trojan-find-out-if-youre-one-of-the-600000-infected> Find out if you are already infected by the Flashback Trojan, and it tells where to go to find instructions on how to eliminate this malware if you are. (Don't be too upset by the title of that article. I've yet to hear a single firsthand account of someone being infected by Flashback.)
A simpler method (i.e. non-command line) than the F-Secure steps to check to see if you are infected by Flashback is this little app that runs the test for you. It just posts a dialog that says whether or not you're infected. It does not make any attempt to remove the trojan. You can download it here: <http://rsdeveloper.com/downloads/test4flashback.zip>
Apple has already pushed out an update to Java that includes a patch to make your Mac immune to Flashback. Once you either find out that you aren't infected with Flashback, or you find out that you are infected with Flashback and you eliminate it, it would be a very good idea to go ahead and update Java to acquire immunity to Flashback.<http://support.apple.com/kb/HT5228?viewlocale=en_US&locale=en_US>
There is another Trojan Horse going around that is carried via a Microsoft Office document. Don't confuse this with the Flashback Trojan. Apple has already pushed out a patch to protect you against this Trojan also. Apple updated XProtect with a definition to catch the Office vulnerability. They refer to it as "OSX/Mdropper.i." This should have happened automatically in the background on your Mac if your are running OS X 10.6 or higher (i.e. Snow Leopard or Lion).<http://support.apple.com/kb/HT465> (There is no version of XProtect included in versions of OS X prior to OS X 10.6/Snow Leopard.)
In addition, if you have Microsoft Office installed, it's a good idea to install the Microsoft updaters for Office. These include a patch against this Trojan also:<http://www.microsoft.com/mac/downloads>
Now, the question that always comes up is: Do I need to install anti-virus (AV) software at this point? Most ordinary Mac users do completely without any AV software, and yet you just about never hear about a Mac user being infected with Malware. There are still no actual viruses (defined as self-propogating software) for the Macintosh. I’ve told you, above, how to deal with the latest malware threats without the need for AV software. So not much has changed that would require that we all run out and purchase AV software.
I’ve run what is usually the most highly rated (in magazine comparison tests) AV software program for the Mac for over a decade: Intego’s VirusBarrier ($50) <http://www.intego.com/virusbarrier> just to be able to tell clients that I am running AV software. (Clients don’t understand that a Macintosh isn’t the same thing as a Windows computer. And I don’t want to bother to try explaining the difference to them.) In all that time VirusBarrier has never actually protected me from anything of any consequence. While VirusBarrier is excellent, some users have (rarely) reported that it can cause nasty software conflicts (as can any AV software that runs constantly in the background). And since VirusBarrier always running in the background on your Mac, even though it is mostly unnoticable, there is some (minor) level of performance degridation (and once again, this is true of any AV software that is always running in the background).
So, instead, you may want to download and regularly use this free product: ClamXav (free) http://www.clamxav.com/. ClamXav doesn’t run constantly in the background like most other AV programs. (So it shouldn’t cause any software conflicts or slowdowns.) It can, however, be set to run on a schedule. It is easy to use, and it is comprehensive. So it is a good choice to install on your Mac, even if AV software really isn’t necessary for your Mac.
___________________________________________
Randy B. Singer (via Apple User Group Digest)
Co-author of The Macintosh Bible (4th, 5th, and 6th editions)
Macintosh OS X Routine Maintenance
http://www.macattorney.com/ts.html
___________________________________________
Comments